Joris Guisson: Security Vulnerabilities
Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." string, which allows remote attackers to overwrite arbitrary files via modified ".." sequences in a torrent filename, as demonstrated by "../" sequences, due to an incomplete fix for CVE-2007-1384.
CVSS Score
6.4
EPSS Score
0.01
Published
2007-04-02
Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.2 allows remote attackers to overwrite arbitrary files via ".." sequences in a torrent filename.
CVSS Score
6.4
EPSS Score
0.012
Published
2007-03-10
chunkcounter.cpp in KTorrent before 2.1.2 allows remote attackers to cause a denial of service (crash) and heap corruption via a negative or large idx value.
CVSS Score
7.5
EPSS Score
0.037
Published
2007-03-10