Opera plugs nasty code execution hole

You can add Opera to the list of Web browsers singing the security blues.

A new version of the cross-platform browser was released today to plug a highly critical code execution bug in the way Opera integrates support for BitTorrent downloads.

The skinny from an iDefense alert:

When parsing a specially crafted BitTorrent header, Opera uses memory that has already been freed. This can result in an invalid object pointer being dereferenced, and may allow for the execution of arbitrary code. The vulnerability is triggered when the user right clicks on the transfer and removes it...

The attacker must persuade a vulnerable user into clicking a link to a BitTorrent file. The targeted user must subsequently remove the entry from the download pane. The requirement to remove the torrent is not considered to be a mitigating factor since it is natural for a user to attempt to do so when a transfer is not progressing.

This is not the first time a critical security problem has been flagged in Opera 9's support of BitTorrent downloads.

Opera has released its own advisory confirming the latest BitTorrent issue. A fix is available in the latest Opera 9.22.

Topics: Browser, Security

Talkback

10 comments
  • Ouch, even the best get hammered sometimes

    I hope this isn't the start of the slippery slope...

    Good reporting Ryan!
    Scrat
  • Ready to update all

    Like the previous poster said, I hope this isn't the start of a slippery slope, or the tip of the iceberg.
    nucrash
    • slippery slope or the tip of the iceberg?

      I don't think so.
      enhalos
      • Considering the numbers for a minute

        The number of discovered vulns and the time to patch, I am still happier with Opera than I ever would be with IE / FF.

        http://www.opera.com
        Scrat
        • Yes please do consider the numbers

          Especially the number of people using it. The more people using software, then the more bugs that will be found. Considering the vanishingly small usage of Opera, I'm sure there's more to be found.

          All software has bugs. Browsers are software. All browsers have bugs. If you are that worried about security, use the one that has the highest usage, as it will be tested the most.
          tonymcs1
          • I'm sure you meant that as a joke!

            "If you are that worried about security, use the one that has the highest usage, as it will be tested the most."

            So would you suggest I switch to Internet Explorer to give me the best protection?

            [please bear with me whilst I roll around the floor laughing uncontrollably]

            Seriously, do you actually believe that, especially considering the very recent IE / FF vuln?

            I think I'll stick with my "vanishingly small" market share browser.

            If I were you, I'd go out and buy a box full of clues!
            Scrat
          • No that is seriously true

            There is a train of thought within the security community that the more users an application has the more secure it is likely to be over time. The economic principle of supply and demand is at work here and I'll walk you through why this is so.

            Security researchers (or hackers if you will) will always target applications that have the highest number of users because vulnerabilities found in those applications pay (money, notoriety, etc.) better than those with low numbers of users.

            At first, what happens is the application appears more buggy, but this is only temporary because early on in the product cycle vulnerabilities are found faster than the vendors can fix them. After a while the vendor catches up and the end result is an application that is far more secure than it was before. Now this does happen for all applications. The difference is the extent that it happens for those explicitly targeted by the security community.

            Now, the conclusion you can draw from this (and my point to be more exact) is that applications that have low share are going to have more bugs and be less secure because they did not benefit from the attention given to those apps that have a large number of users.

            The problem is twofold for them in that if not enough people use the applications, nobody will discover the vulnerabilities and second, nobody will care even if they are found.
            BFD
          • Security through being a Minority?

            It seems to work for Mac users at the moment.

            Although with the growing usage of Smart Phones as browsers that use Opera, perhaps one should consider that market and the possibility that Opera is more tested than we normally know.

            Also, out of both Firefox and IE, Opera usually lead the way for new features. It had tabs before Firefox or IE, it had a pop-up blocker before either or.
            nucrash
  • Yep, but look how fast it got fixed.

    Yep, but look how fast it got fixed.
    The_Curmudgeon
  • Opera

    Opera by far is the finest browser I have ever used. It is fast, it is easy to set up, and the size of the browser is less than the last patch for IE! So we have found a single problem. OMG! Run in circles, scream and shout. Opera fixed their browser in less time than either of the other browsers would have started on a fix. Why anyone would use another browser is beyond me.
    Troll Hunter