I was assuming his transaction never hit the network, which is the only way it could remain in limbo for that long. In that case, there is no way any client other than the one he actually tried to send it on can even know about the transaction. So he should be able to initiate a conflicting transaction on another client.
Yes, I agree. But how does that work practically? The transaction is stored together with your keys in the wallet.dat. Usually the address the transaction was sent from will only exist in this one wallet.dat - together with the transaction itself.
[EDIT:
Don't do that, it won't work. See next post]
The most practicable way of "solving" this that I can think of right now would be:
1) Backup your current wallet.dat
2) Restore a backup that was made right before sending the coins [1][2]
3) Send all [3] the money you see there to another wallet.
4) Restore your backup made in the first step. As soon as the transaction from step 3 will be confirmed the client should [4] remove the conflicting transaction.
[1] It might be older, but the address you received the coins that were spent must be in the backup.
[2] It might be worthwile backing up the wallet.dat before every outgoing transaction and keep the backups for some time.
[3] to be sure, that the problematic address will be emptied as well (=intentional "double spending")
[4] I actually never tried that. But I will try it right now.
