Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." string, which allows remote attackers to overwrite arbitrary files via modified ".." sequences in a torrent filename, as demonstrated by "../" sequences, due to an incomplete fix for CVE-2007-1384.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2007-04-02T22:00:00
Updated: 2024-08-07T13:06:26.439Z
Reserved: 2007-04-02T00:00:00
Link: CVE-2007-1799

No data.

Status : Modified
Published: 2007-04-02T22:19:00.000
Modified: 2024-11-21T00:29:11.240
Link: CVE-2007-1799

No data.