Opera 9.21: Highly Critical BitTorrent Vulnerability
Up till now both Internet Explorer and Firefox dominated the browser vulnerability-related news. It was only fair that Opera got its share and a report about a flaw found withing the browser.
August 22, 2007
According to security company Secunia, the recently-discovered flaw can compromise a user's system if exploited by the wrong people:
“The vulnerability is caused due to Opera using already freed memory when parsing BitTorrent headers and can lead to an invalid object pointer being dereferenced.”
As usual in such cases, the flaw can be exploited only if the user is tricked into clicking on a specially crafted BitTorrent file. Also, the users then must remove the same file via a right-click from the download pane.
Secunia has rated the flaw as “highly critical” and warns that it could be use to execute arbitrary code. Up till now, the only version of Opera known to be affected is the 9.21 on Windows, but the security company does not exclude the possibility of older version being vulnerable as well.
The good news is that Opera 9.22 is not affected by the flaw. So all a user has to do in order to avoid possible damage is to upgrade its browser.
Opera 9.22 is available for download right here