Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Security / Advisories

Advisories

Opera Browser and BitTorrent Downloads: Impossible!

New vulnerability discovered in the browser

By Bogdan Popa, Security and Search Engines Editor

20th of July 2007, 13:09 GMT

Adjust text size:


Opera for Windows
Enlarge picture
As you know, the famous Opera browser supports BitTorrents downloads because it includes support for .torrent files. But have you ever used this special function of the browser? If the answer is yes, you should really read this article. If the answer is no, you should also read it in order to know what's expecting you if you're thinking to abandon your stand-alone BitTorrent client. First of all, it works
quite slow and sometimes it dramatically increases the websites' loading times. Secondly, it's not secure. And I'm not the one saying it but iDefense Labs, a security company that discovered a critical flaw in Opera's BitTorrent support.

You should know that a successful exploitation of the flaw might allow an attacker to control the affected computer with the same privileges owned by the user who is currently logged in. According to iDefense, "when parsing a specially crafted BitTorrent header, Opera uses memory that has already been freed. This can result in an invalid object pointer being dereferenced, and may allow for the execution of arbitrary code. The vulnerability is triggered when the user right clicks on the transfer and removes it."

The only solution is to update your web-browser to the latest version, 9.22 that was especially released to correct this problem.

"Exploitation of this vulnerability allows an attacker to execute arbitrary code on the affected host with the privileges of the logged in user. The attacker must persuade a vulnerable user into clicking a link to a BitTorrent file. The targeted user must subsequently remove the entry from the download pane. The requirement to remove the torrent is not considered to be a mitigating factor since it is natural for a user to attempt to do so when a transfer is not progressing," iDefense Labs added in the security advisory.

If you want to download the latest version of Opera Browser, you can take it straight from Softpedia using this link.

TAGS:

 opera | browser | bittorrent | vulnerability | security


Rating:
Good (3.0/5) 8 vote(s) so far    

Read by 1,002 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


T-Mobile Brings My Opera Community to Mobile

Opera Browser Can't Handle The Flash Files

Opera Not Supported by Google? Install This Patch!

Opera Mini Is the Most Popular Web Browser

The Buggy Opera Torrent Client Strikes Again!

Opera Mini 4 Beta Available

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive