Monday, July 23, 2007

Security : BitTorrent flaw hits Opera

A 'highly critical' vulnerability has been found in the Opera web browser which could be exploited to remotely compromise a user's system. The flaw is caused when Opera uses already freed memory to parse BitTorrent headers, and can lead to an invalid object pointer being de-referenced.

This can be exploited to execute arbitrary code if the user is tricked into clicking on a specially-crafted BitTorrent file and then removes it from the download pane by right-clicking. The vulnerability is reported in version 9.21 of Opera on Windows, but security monitoring website Secunia, which rated the flaw 'highly critical', said that other versions may also be affected. The problem can be fixed by upgrading to Opera 9.22.

But what i suggest is, do not use Opera for torrents. You can use uTorrent, BitComet etc... There are many freeware/Open Source torrent clients available.