Opera Heap Overflow

There is a new (but patched) vulnerability for Opera 9.0 and 9.01. It is a fairly simple heap overflow caused by a URL which is greater than 256 characters (therefore would be easy to exploit via iframe insertion by just inserting a long URL).

The iDefense advisory is here. My intuition is that this was a bounty collected via iDefense's recent browser vulnerability challenge.

The Opera response is here, but I'll cut to the chase and say that the fix is to upgrade to Opera ≥ 9.02.