Opera before 8.51 on Linux and Unix systems allows remote attackers to execute arbitrary code via shell metacharacters (backticks) in a URL that another product provides in a command line argument when launching Opera.