Opera
Search the knowledge base
Advisory: A malicious torrent can cause Opera to execute arbitrary code
Summary
A malicious torrent file can cause Opera to execute arbitrary code.
Severity: High
Problem description
Removing a specially crafted torrent from the download manager can crash Opera. The crash is caused by an erroneous memory access.
An attacker needs to entice the user to accept the malicious BitTorrent download, and later remove it from Opera's download manager. To inject code, additional means will have to be employed.
Users clicking a BitTorrent link and rejecting the download are not affected.
Opera's response
Opera Software has released Opera 9.22 with a fix for this vulnerability.
Credits
Thanks to iDefense Labs for reporting this issue to Opera Software.
Support
- Overview
- Get started
- Register Opera Mobile
- Knowledge base
- Online communities
- Reporting bugs
- Opera Web Mail
- Access Opera
- Premium support
- Contact support
- Documentation
Opera Help
Need help? Hit F1 anytime while using Opera to access our online help files, or go here.
View mobile site
Copyright © 2009 Opera Software ASA. All rights reserved.