The flaw is caused when Opera uses already freed memory to parse BitTorrent headers, and can lead to an invalid object pointer being de-referenced.
This can be exploited to execute arbitrary code if the user is tricked into clicking on a specially-crafted BitTorrent file and then removes it from the download pane by right-clicking.
The vulnerability is reported in version 9.21 of Opera on Windows, but security monitoring website Secunia, which rated the flaw 'highly critical', said that other versions may also be affected.
The problem can be fixed by upgrading to Opera 9.22.
'Critical' BitTorrent flaw hits Opera
By Matt Chapman on Jul 23, 2007 7:05AM