The host is installed with Opera before 9.26 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle images that contain custom comments. Successful exploitation allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties.