=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2010/VULN149
_____________________________________________________________________

DATE                      : 03/05/2010

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Opera versions prior to 10.53.

======================================================================
http://www.opera.com/support/kb/view/953/
______________________________________________________________________

Advisory: Multiple asynchronous document modifications can be used to
execute arbitrary code


Affected versions
This vulnerability affects Opera for Windows and Mac.

Severity
Extremely Severe

Description
Multiple asynchronous calls to a script that modifies the document contents
can cause Opera to reference an uninitialized value, which may lead to a crash.
To inject code, additional techniques will have to be employed.


Opera's Response
Opera Software has released Opera 10.53, where this issue has been fixed.
======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================