Opera prior to 9.23 allows remote malicious users to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."
opera opera browser