Описание
Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent file.
Ссылки
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- ExploitMitigationVendor Advisory
- PatchThird Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Third Party Advisory
- ExploitMitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.00 (исключая)
cpe:2.3:a:transmissionbt:transmission:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Конфигурация 3
Одно из
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02384
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-416
Связанные уязвимости
CVSS3: 7.8
ubuntu
больше 5 лет назад
Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent file.
CVSS3: 7.8
debian
больше 5 лет назад
Use-after-free in libtransmission/variant.c in Transmission before 3.0 ...
github
больше 3 лет назад
Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent file.
EPSS
Процентиль: 85%
0.02384
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-416