'Critical' BitTorrent flaw hits Opera

By

A 'highly critical' vulnerability has been found in the Opera web browser which could be exploited to remotely compromise a user's system.

'Critical' BitTorrent flaw hits Opera
The flaw is caused when Opera uses already freed memory to parse BitTorrent headers, and can lead to an invalid object pointer being de-referenced. 

This can be exploited to execute arbitrary code if the user is tricked into clicking on a specially-crafted BitTorrent file and then removes it from the download pane by right-clicking.

The vulnerability is reported in version 9.21 of Opera on Windows, but security monitoring website Secunia, which rated the flaw 'highly critical', said that other versions may also be affected. 

The problem can be fixed by upgrading to Opera 9.22.



Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
bittorrentcriticalflawhitsoperasecurity

Sponsored Whitepapers

Optus Enterprise Mobility
Optus Enterprise Mobility
Life After VMware: Scale Securely with mCloud by Micron21
Life After VMware: Scale Securely with mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
What 4 wholesale distribution challenges aren’t going away anytime soon?
What 4 wholesale distribution challenges aren’t going away anytime soon?
State of the SOC: Building Resilience in a Shifting Threat Landscape
State of the SOC: Building Resilience in a Shifting Threat Landscape

Events

Most Read Articles

"VoidProxy" PhishKit targets Google and Microsoft users

"VoidProxy" PhishKit targets Google and Microsoft users
First npm worm "Shai-Hulud" released in supply chain attack

First npm worm "Shai-Hulud" released in supply chain attack
Apple adds "mercenary spyware" protection to new A19 chip

Apple adds "mercenary spyware" protection to new A19 chip
Phishing attack nets enormous npm supply chain compromise

Phishing attack nets enormous npm supply chain compromise
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?