Malicious torrent files can execute arbitrary code in Opera – Opera Security Advisories

Summary

A malicious torrent file can cause Opera to execute arbitrary code.

Severity: Highly critical

Problem description

A specially crafted torrent file can cause a buffer overflow in Opera.This allows arbitrary code to be injected and executed.

 

The overflow happens when the user right-clicks on the torrent entryin the transfer manager. Simply clicking on the torrent link willnot trigger this flaw.

Affected versions

This vulnerability affects Opera for Microsoft Windows.

Opera’s response

Opera Software has released Opera 9.21 with a fix for thisvulnerability.

Reference

iDefense advisory: Opera Software Opera Web Browser Transfer Item Pop-up Menu Stack Overflow Vulnerability

Credits

Thanks to iDefense Labs for reporting this issue to Opera Software.