14 DAY TRIAL // Just three days after coming out of its Beta phase and being released in its final version on the market a vulnerability has been reported in Opera 9.0. The flaw is a result of the application's memory management when it is processing a malicious HTML document.
At the source of the vulnerability lies the way in which a hypertext anchor in a HTML document is used to reference a link. If the HREF (Hypertext REFefence) tag is designed of an excessive length, then an attacker can use that to create a DoS (Denial of Service) condition. The moment a user loads a HTML document that contains the malicious HREF tag, the browser will crash. Opera 9.0 is the sole version for which this vulnerability has been reported. So far, Opera has not issued any response or patch to fix the vulnerability.
When the browser Opera 9.0 was still in Beta phase, another vulnerability was reported relating to an integer overflow condition created by the application's attempt to process a specially crafted JPEG image that would allow an attacker access via a network and the possibility of arbitrary code execution. This vulnerability affected the Beta version and the ones prior to that but the flaw was repaired in Opera 9.0.
Both issues were declared particular vulnerabilities and received a Generic-Map-Nomatch tag.