PublicDate: 2007-04-02 22:19:00 UTC
Candidate: CVE-2007-1799
References:
 https://ubuntu.com/security/notices/USN-436-2
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1799
Description:
 Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3
 only checks for the ".." string, which allows remote attackers to overwrite
 arbitrary files via modified ".." sequences in a torrent filename, as
 demonstrated by "../" sequences, due to an incomplete fix for
 CVE-2007-1384.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
upstream_ktorrent: released (2.1.3)
dapper_ktorrent: released (1.2-0ubuntu5.2)
edgy_ktorrent: released (2.0.3+dfsg1-0ubuntu1.2)
feisty_ktorrent: released (2.1-0ubuntu2.1)
devel_ktorrent: not-affected