Upstream information
Description
Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a pathname within a .torrent file.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
| NVD | |
|---|---|
| Base Score | 6.8 |
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| Access Vector | Network |
| Access Complexity | Medium |
| Authentication | None |
| Confidentiality Impact | Partial |
| Integrity Impact | Partial |
| Availability Impact | Partial |
| Base Score |
| Vector |
| Attack Vector |
| Attack Complexity |
| Privileges Required |
| User Interaction |
| Scope |
| Confidentiality Impact |
| Integrity Impact |
| Availability Impact |
| CVSSv3 Version |
SUSE Security Advisories:
- SUSE-SA:2010:008, published Tue, 26 Jan 2010 15:00:00 +0000
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 03:16:14 2013CVE page last modified: Mon Sep 9 17:09:04 2024