BitTorrent 6.0 and uTorrent 1.6/1.7 Peers Window Remote Code Execution Vulnerability

2008-01-16T00:00:00
ID EDB-ID:31032
Type exploitdb
Reporter Luigi Auriemma
Modified 2008-01-16T00:00:00

Description

BitTorrent 6.0 and uTorrent 1.6/1.7 Peers Window Remote Code Execution Vulnerability. CVE-2008-0364. Remote exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/27321/info

BitTorrent and uTorrent are prone to a remote code-execution vulnerability because the applications fail to perform adequate boundary checks on user-supplied data.

Attackers can exploit this issue to execute arbitrary code in the context of the application or to crash the affected application, denying service to legitimate users.

This issue affects the following versions:

BitTorrent 6.0
uTorrent 1.7.5
uTorrent 1.8-alpha-7834

Earlier versions may be affected as well.

UPDATE (January 24, 2008): This issue was originally documented as a denial-of-service issue, but reliable reports suggest that this issue can be exploited to execute arbitrary code. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31032.zip