Opera updates browser to version 12.01, with five security fixes

One of the five fixes is actually a “re-fix” for a “critical” issue “where certain URL constructs could allow arbitrary code execution”, Opera explained in its advisory. (The Windows, Mac, and Unix advisories all contain the same security fixes.)

Opera also addressed an issue where certain characters in HTML could incorrectly be ignored, thereby facilitating cross-site scripting attacks; an issue where small windows could be used to trick users into executing downloads; an issue where an element’s HTML content could be incorrectly returned without escaping, thereby bypassing some HTML sanitizers; and a low-severity issue that the company will detail at a later date.

On the critical re-fix, Opera explained: “Certain page address (URL) constructs can cause Opera to allocate the wrong amount of memory for storing the address. When it then attempts to store the address, it will overwrite unrelated memory with attacker-controlled data. This can lead to a crash, which may also execute that data as code.”
 
