Описание
Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) and partial relative pathname in a Multiple File Mode list element in a .torrent file.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 0.14.4-1 |
| hardy | DNE | |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | ignored | end of life |
| karmic | not-affected | 0.14.4-1 |
| lucid | not-affected | 0.14.4-1 |
| maverick | not-affected | 0.14.4-1 |
| upstream | released | 0.14.4 |
Показывать по
5.8 Medium
CVSS2
Связанные уязвимости
Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) and partial relative pathname in a Multiple File Mode list element in a .torrent file.
Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar ...
Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) and partial relative pathname in a Multiple File Mode list element in a .torrent file.
5.8 Medium
CVSS2