Upstream information
Description
Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a pathname within a .torrent file.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
NVD | |
---|---|
Base Score | 6.8 |
Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Access Vector | Network |
Access Complexity | Medium |
Authentication | None |
Confidentiality Impact | Partial |
Integrity Impact | Partial |
Availability Impact | Partial |
Base Score |
Vector |
Attack Vector |
Attack Complexity |
Privileges Required |
User Interaction |
Scope |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
CVSSv3 Version |
SUSE Security Advisories:
- SUSE-SA:2010:008, published Tue, 26 Jan 2010 15:00:00 +0000
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 03:16:14 2013CVE page last modified: Mon Sep 9 17:09:04 2024