Joris Guisson: >> Ktorrent Security Vulnerabilities
Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." string, which allows remote attackers to overwrite arbitrary files via modified ".." sequences in a torrent filename, as demonstrated by "../" sequences, due to an incomplete fix for CVE-2007-1384.
CVSS Score
6.4
EPSS Score
0.01
Published
2007-04-02
Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.2 allows remote attackers to overwrite arbitrary files via ".." sequences in a torrent filename.
CVSS Score
6.4
EPSS Score
0.012
Published
2007-03-10
chunkcounter.cpp in KTorrent before 2.1.2 allows remote attackers to cause a denial of service (crash) and heap corruption via a negative or large idx value.
CVSS Score
7.5
EPSS Score
0.037
Published
2007-03-10