CVE-2009-1760
Published: 11 June 2009
Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) and partial relative pathname in a Multiple File Mode list element in a .torrent file.
Priority
Status
Package | Release | Status |
---|---|---|
libtorrent-rasterbar Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
intrepid |
Ignored
(end of life, was needs-triage)
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Not vulnerable
(0.14.4-1)
|
|
lucid |
Not vulnerable
(0.14.4-1)
|
|
maverick |
Not vulnerable
(0.14.4-1)
|
|
upstream |
Released
(0.14.4)
|