Advisory: Malicious torrent files can execute arbitrary code in Opera
A malicious torrent file can cause Opera to execute arbitrary code.
Severity: Highly critical
A specially crafted torrent file can cause a buffer overflow in Opera.This allows arbitrary code to be injected and executed.
The overflow happens when the user right-clicks on the torrent entryin the transfer manager. Simply clicking on the torrent link willnot trigger this flaw.
This vulnerability affects Opera for Microsoft Windows.
Opera Software has released Opera 9.21 with a fix for thisvulnerability.
Thanks to iDefense Labs for reporting this issue to Opera Software.