Critical BitTorrent Vulnerability Found in Opera Browser
Written by enigmax on July 20, 2007The cross platform browser Opera has been discovered to contain another critical vulnerability affecting its BitTorrent engine, one which leaves it wide open for a malicious user to run arbitrary code, potentially taking remote control of the host machine.
According to Danish computer security outfit Secunia, a vulnerability has been discovered in Opera v9.21 on the Windows platform, which can be exploited to compromise a user’s system, potentially taking remote control of the machine.
The advisory states that the vulnerability is created by Opera’s utilization of already freed memory when parsing BitTorrent headers. This flaw can then be exploited to run code on the host machine when a user is tricked into clicking a specially created .torrent file. When the file does not transfer, the user naturally deletes the .torrent file with a right click, an action which triggers the exploit.
At the moment, Windows version 9.21 is reported as being vulnerable although previous versions may also be affected.
Secunia offers a software tool which which enables users to see if they are affected by the vulnerability.
Any affected users can overcome the problems by upgrading to version 9.22. Opera is no stranger to vulnerabilities in its BitTorrent engine, as reported by us back in May.
Previously: MPAA Responds to Harry Potter Leak
Next: Mininova Launches SFW Video Site
2 Responses
LoL… was woundering how long it would take them to make that information public.
This is old. I know the guy who discovered it.
Responses are closed
All remaining responses will continue to be archived. Use the TorrentFreak forums if you want to discuss something.