LaFlecha is reporting that due to a bug in Opera Browser, a malformed Torrent file (*.torrent) can cause it to consume 100% cpu resources thus making the system unusable. According to this report, this bug affects Opera for Windows running on Windows SP1 or SP2. A proof of concept code has also been published. It’s unclear if previous versions of Opera and Opera running on other platforms are affected as well. I am not sure about the severity of the exploit either. If it’s just a problem of high cpu usage, then its not a critical vulnerability. I checked with Secunia, but couldn’t find any mention of this vulnerability there. However, as a precautionary measure you can disable torrent integration in Opera. You can disable it by un-checking the box next to “Enable“.
If the report on LeFlacha is true then this would be the 4rth exploit to be discovered in Opera v9 in 2007 – compared to 3 in Mozilla Firefox v2 (of which 1 is unpatched), and 5 in Internet Explorer v7 (of which 3 are unpatched).
(via TorrentFreak)
Update (22nd May) : This vulnerability has been fixed in Opera v9.21. Opera’s advisory related to this exploit is available here.
Hey, It’s currently in private beta and hence only limited but once they start scaling and giving out more invites, i will blog about it.
And by the way, I like your Meta (neo counter). Do you have the link for this?
Cheers
Sriram
Neocounter is available at Neoworx
Yeah installed it and took it off.
Thanks
[...] v9.21 for desktop was released on 21st May. This release fixes a critical vulnerability present in Opera’s torrent [...]