A 'highly critical' vulnerability has been found in the Opera web browser which could be exploited to remotely compromise a user's system. The flaw is caused when Opera uses already freed memory to parse BitTorrent headers, and can lead to an invalid object pointer being de-referenced.
This can be exploited to execute arbitrary code if the user is tricked into clicking on a specially-crafted BitTorrent file and then removes it from the download pane by right-clicking. The vulnerability is reported in version 9.21 of Opera on Windows, but security monitoring website Secunia, which rated the flaw 'highly critical', said that other versions may also be affected. The problem can be fixed by upgrading to Opera 9.22.
View: The full story
News source: vnunet
22 Comments - Add comment