481 matches found
Peers static overflow in BitTorrent 6.0 and uTorrent 1.7.5
Luigi Auriemma Applications: BitTorrent and uTorrent http://www.bittorrent.com http://www.utorrent.com Versions: BitTorrent = 6.0 build 5535 uTorrent = 1.7.5 build 4602 uTorrent = 1.8-alpha-7834 Platforms: Windows confirmed Mac and Linux both available only on BitTorrent have not been tested Bug:...
BitTorrent 6.0 uTorrent 1.61.7 - Peers Window Remote Code Execution
BitTorrent 6.0 uTorrent 1.61.7 - Peers Window Remote Code Execution source: https://www.securityfocus.com/bid/27321/info BitTorrent and uTorrent are prone to a remote code-execution vulnerability because the applications fail to perform adequate boundary checks on user-supplied data. Attackers ca...
BitTorrent 6.0 / uTorrent 1.6/1.7 - Peers Window Remote Code Execution
source: https://www.securityfocus.com/bid/27321/info BitTorrent and uTorrent are prone to a remote code-execution vulnerability because the applications fail to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code in the context of the...
SQL injection bug found in TBSource.
A vulnerability found in the popular bittorrent tracker TBSource code allows an attacker to inject SQL queries and read secret information from the database. The value of 'choice' passed to the script index.php is not properly sanitized. When a special tailored value is passed by an attacker, ful...
DSA-1373-2 ktorrent - directory traversal
Bulletin has no description...
GLSA-200708-17 : Opera: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200708-17 Opera: Multiple vulnerabilities An error known as 'a virtual function call on an invalid pointer' has been discovered in the JavaScript engine CVE-2007-4367. Furthermore, iDefense Labs reported that an already-freed...
Debian DSA-1373-2 : ktorrent - directory traversal
It was discovered that ktorrent, a BitTorrent client for KDE, was vulnerable to a directory traversal bug which potentially allowed remote users to overwrite arbitrary files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
Opera: Multiple vulnerabilities
Background Opera is a multi-platform web browser. Description An error known as "a virtual function call on an invalid pointer" has been discovered in the JavaScript engine CVE-2007-4367. Furthermore, iDefense Labs reported that an already-freed pointer may be still used under unspecified...
FreeBSD : opera -- multiple vulnerabilities (12d266b6-363f-11dc-b6c9-000c6ec775d9)
Opera Software ASA reports of multiple security fixes in Opera, including an arbitrary code execute vulnerability : Opera for Linux, FreeBSD, and Solaris has a flaw in the createPattern function that leaves old data that was in the memory before Opera allocated it in the new pattern. The pattern...
Opera < 9.22 Multiple Vulnerabilities
The version of Opera installed on the remote host reportedly can be tricked into attempting to dereference an invalid object pointer when parsing a specially crafted BitTorrent header. This could cause the application to crash or even lead to execution of arbitrary code subject to the privileges ...
CVE-2007-3929
Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object...
Design/Logic Flaw
Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object...
CVE-2007-3929
Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object...
CVE-2007-3929
Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object...
CVE-2007-3929
CVE-2007-3929 describes a use-after-free vulnerability in the BitTorrent support of Opera prior to 9.22. A crafted BitTorrent header can leave a dangling pointer to an invalid object, potentially enabling user-assisted remote code execution. Connected advisories indicate multiple vulnerabilities ...
Opera浏览器BitTorrent头解析无效指针引用漏洞
BUGTRAQ ID: 24970 Opera是一款流行的WEB浏览器,支持多种平台。 Opera在处理畸形的BitTorrent文件头结构时存在内存破坏漏洞,远程攻击者可能利用此漏洞控制用户系统。 Opera支持BitTorrent下载。在解析特制的BitTorrent头时,Opera可能会使用已经释放了的内存,这会导致引用无效的对象指针。如果用户受骗点击了恶意的BitTorrent下载然后右击传输删除的话,就可能触发这个漏洞,导致执行任意指令。 Opera Software Opera 9.21 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Opera use-after-free vulnerability
Memory is used after free on BitTorrent headers parsing...
A malicious torrent can cause Opera to execute arbitrary code
Removing a specially crafted torrent from the download managercan crash Opera. The crash is caused by an erroneous memoryaccess.An attacker needs to entice the user to accept the maliciousBitTorrent download, and later remove it from Opera's downloadmanager. To inject code, additional means will...
iDefense Security Advisory 07.19.07: Opera Software Opera Web Browser BitTorrent Dangling Pointer Vulnerability
Opera Software Opera Web Browser BitTorrent Dangling Pointer Vulnerability iDefense Security Advisory 07.19.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 19, 2007 I. BACKGROUND Opera is a cross-platform web browser. More information is available at http://www.opera.com/ II...
Opera BitTorrent buffer overflow
Buffer overflow on BitTorrent headers parsing...