Malicious torrent files can execute arbitrary code in Opera – Opera Security Advisories


A malicious torrent file can cause Opera to execute arbitrary code.

Severity: Highly critical

Problem description

A specially crafted torrent file can cause a buffer overflow in Opera.This allows arbitrary code to be injected and executed.


The overflow happens when the user right-clicks on the torrent entryin the transfer manager. Simply clicking on the torrent link willnot trigger this flaw.

Affected versions

This vulnerability affects Opera for Microsoft Windows.

Opera’s response

Opera Software has released Opera 9.21 with a fix for thisvulnerability.


iDefense advisory: Opera Software Opera Web Browser Transfer Item Pop-up Menu Stack Overflow Vulnerability


Thanks to iDefense Labs for reporting this issue to Opera Software.