Do you want to know if you are using a vulnerable version of Opera ?
Add the following Snort signature:

alert tcp any any -> any $HTTP_PORTS (msg:"PVR - Opera version that can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, or to bypass certain security restrictions"; flags:PA; flow:to_server,established; pcre:"/User-Agent: Opera/9.2[0-6]/"; reference:url,www.opera.com/support/search/view/881/; reference:url,www.opera.com/support/search/view/882/; priority:1; sid:200804032; rev:2;)

You can of course get this signatures in the Signatures.NU project Snort Passive Vulnerabilities Rulesets (PVR).