Christoph Deal

**Name of the Vulnerable Software and Affected Versions** Opera version 9.02 **Description** A heap-based buffer overflow issue allows remote attackers to execute arbitrary code via a JPEG file with an invalid number of index bytes in the Define Huffman Table (DHT) marker. **Recommendations** For Opera version 9.02, update to a newer version to mitigate the risk of arbitrary code execution.

**Name of the Vulnerable Software and Affected Versions** Opera versions prior to 9.10 **Description** The issue is related to the Javascript SVG support, which does not properly validate object types in a createSVGTransformFromMatrix request. This allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request, causing a controlled pointer to be referenced during the virtual function call. **Recommendations** For Opera versions prior to 9.10, update to version 9.10 or later to resolve the issue.