Advisory: Malicious torrent files can execute arbitrary code in Opera
Summary
A malicious torrent file can cause Opera to execute arbitrary code.
Severity: Highly critical
Problem description
A specially crafted torrent file can cause a buffer overflow in Opera. This allows arbitrary code to be injected and executed.
The overflow happens when the user right-clicks on the torrent entry in the transfer manager. Simply clicking on the torrent link will not trigger this flaw.
Affected versions
This vulnerability affects Opera for Microsoft Windows.
Opera's response
Opera Software has released Opera 9.21 with a fix for this vulnerability.
Reference
iDefense advisory: Opera Software Opera Web Browser Transfer Item Pop-up Menu Stack Overflow VulnerabilityCredits
Thanks to iDefense Labs for reporting this issue to Opera Software.
Search our knowledge base:
Related pages
Web analytics powered by HitsLink. 
Copyright Opera Software ASA. All rights reserved.
Site Index | Contact | Privacymy.opera.com | operamini.com | widgets.opera.com | dev.opera.com | jobs.opera.com | operapowered.com
jp.opera.com | ru.opera.com | pl.opera.com | de.opera.com | cn.opera.com | tw.opera.com | in.opera.com