French security services provider VUPEN has reported a critical security vulnerability in Opera which could allow crafted web pages to infect Windows systems with malware. The problem is said to be caused by a bug in opera.dll when processing HTML files containing selected elements that have a large number of child elements.
The bug was first reported by security researcher Jordi Chancel in early January, but he only succeeded in exploiting it to crash the browser. VUPEN appears to have succeeded in developing an exploit to inject and execute code and has therefore classified the problem as critical. The bug has been confirmed in Opera 11.00 and earlier and 10.63 and earlier for Windows 7 and XP SP3. At present there's no patch or update for the problem.