Original URL: https://www.theregister.com/2007/05/23/opera_torrent_bug/

Torrent overflows Opera

Browser maker lances file download bug

By John Leyden

Posted in Channel, 23rd May 2007 10:49 GMT

Opera has fixed a flawed involving how its browser handles Torrent files that allowed hackers to attack vulnerable systems.

A boundary error in handling certain types of Torrent files exposed version 9.x of the browser to a stack-based buffer overflow, providing a user right-clicks a malicious Torrent entry in the transfer manager. Simply clicking on the Torrent link will not trigger the flaw, which Opera nonetheless describes as "highly critical".

Successful exploitation creates a means for hackers to inject hostile code.

The flaw, discovered by security researchers at iDefense, has been confirmed in Opera version 9.20 for Windows. Other versions may also be affected. Users are advised to upgrade to Opera version 9.21 to guard against attack.

Opera has included a built-in BitTorrent client in its browser software since the release of version 9.0, last June. ®