Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.
http://www.securityfocus.com/bid/5717
http://www.iss.net/security_center/static/10126.php
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0167.html