Opera
Search the knowledge base
Advisory: Malicious torrent files can execute arbitrary code in Opera
Summary
A malicious torrent file can cause Opera to execute arbitrary code.
Severity: Highly critical
Problem description
A specially crafted torrent file can cause a buffer overflow in Opera. This allows arbitrary code to be injected and executed.
The overflow happens when the user right-clicks on the torrent entry in the transfer manager. Simply clicking on the torrent link will not trigger this flaw.
Affected versions
This vulnerability affects Opera for Microsoft Windows.
Opera's response
Opera Software has released Opera 9.21 with a fix for this vulnerability.
Reference
iDefense advisory: Opera Software Opera Web Browser Transfer Item Pop-up Menu Stack Overflow VulnerabilityCredits
Thanks to iDefense Labs for reporting this issue to Opera Software.
Support
- Overview
- Get started
- Register Opera Mobile
- Knowledge base
- Online communities
- Reporting bugs
- Opera Web Mail
- Access Opera
- Premium support
- Contact support
- Documentation
Opera Help
Need help? Hit F1 anytime while using Opera to access our online help files, or go here.
View mobile site
Copyright © 2009 Opera Software ASA. All rights reserved.