Lucene search
K

481 matches found

securityvulns
securityvulns
added 2008/01/17 12:0 a.m.42 views

Peers static overflow in BitTorrent 6.0 and uTorrent 1.7.5

Luigi Auriemma Applications: BitTorrent and uTorrent http://www.bittorrent.com http://www.utorrent.com Versions: BitTorrent = 6.0 build 5535 uTorrent = 1.7.5 build 4602 uTorrent = 1.8-alpha-7834 Platforms: Windows confirmed Mac and Linux both available only on BitTorrent have not been tested Bug:...

Exploits0
exploitpack
exploitpack
added 2008/01/16 12:0 a.m.18 views

BitTorrent 6.0 uTorrent 1.61.7 - Peers Window Remote Code Execution

BitTorrent 6.0 uTorrent 1.61.7 - Peers Window Remote Code Execution source: https://www.securityfocus.com/bid/27321/info BitTorrent and uTorrent are prone to a remote code-execution vulnerability because the applications fail to perform adequate boundary checks on user-supplied data. Attackers ca...

8.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/01/16 12:0 a.m.23 views

BitTorrent 6.0 / uTorrent 1.6/1.7 - Peers Window Remote Code Execution

source: https://www.securityfocus.com/bid/27321/info BitTorrent and uTorrent are prone to a remote code-execution vulnerability because the applications fail to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code in the context of the...

7AI score
Exploits0
securityvulns
securityvulns
added 2007/11/12 12:0 a.m.45 views

SQL injection bug found in TBSource.

A vulnerability found in the popular bittorrent tracker TBSource code allows an attacker to inject SQL queries and read secret information from the database. The value of 'choice' passed to the script index.php is not properly sanitized. When a special tailored value is passed by an attacker, ful...

2AI score
Exploits0
OSV
OSV
added 2007/10/23 12:0 a.m.28 views

DSA-1373-2 ktorrent - directory traversal

Bulletin has no description...

6.4CVSS6AI score0.02269EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/09/14 12:0 a.m.41 views

GLSA-200708-17 : Opera: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200708-17 Opera: Multiple vulnerabilities An error known as 'a virtual function call on an invalid pointer' has been discovered in the JavaScript engine CVE-2007-4367. Furthermore, iDefense Labs reported that an already-freed...

9.3CVSS6.2AI score0.08248EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2007/09/14 12:0 a.m.31 views

Debian DSA-1373-2 : ktorrent - directory traversal

It was discovered that ktorrent, a BitTorrent client for KDE, was vulnerable to a directory traversal bug which potentially allowed remote users to overwrite arbitrary files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

6.4CVSS5.5AI score0.02269EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2007/08/22 12:0 a.m.57 views

Opera: Multiple vulnerabilities

Background Opera is a multi-platform web browser. Description An error known as "a virtual function call on an invalid pointer" has been discovered in the JavaScript engine CVE-2007-4367. Furthermore, iDefense Labs reported that an already-freed pointer may be still used under unspecified...

9.3CVSS7.3AI score0.08248EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2007/07/23 12:0 a.m.26 views

FreeBSD : opera -- multiple vulnerabilities (12d266b6-363f-11dc-b6c9-000c6ec775d9)

Opera Software ASA reports of multiple security fixes in Opera, including an arbitrary code execute vulnerability : Opera for Linux, FreeBSD, and Solaris has a flaw in the createPattern function that leaves old data that was in the memory before Opera allocated it in the new pattern. The pattern...

9.3CVSS6AI score0.06466EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2007/07/23 12:0 a.m.30 views

Opera < 9.22 Multiple Vulnerabilities

The version of Opera installed on the remote host reportedly can be tricked into attempting to dereference an invalid object pointer when parsing a specially crafted BitTorrent header. This could cause the application to crash or even lead to execution of arbitrary code subject to the privileges ...

9.3CVSS6.1AI score0.06466EPSS
Exploits1References11
NVD
NVD
added 2007/07/21 12:30 a.m.23 views

CVE-2007-3929

Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object...

9.3CVSS7.3AI score0.06466EPSS
Exploits0References10
Prion
Prion
added 2007/07/21 12:30 a.m.19 views

Design/Logic Flaw

Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object...

9.3CVSS7.6AI score0.06466EPSS
Exploits0References10Affected Software1
UbuntuCve
UbuntuCve
added 2007/07/21 12:30 a.m.27 views

CVE-2007-3929

Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object...

9.3CVSS6.3AI score0.06466EPSS
Exploits0References1
Cvelist
Cvelist
added 2007/07/21 12:0 a.m.32 views

CVE-2007-3929

Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object...

7.2AI score0.06466EPSS
Exploits0References10
CVE
CVE
added 2007/07/21 12:0 a.m.54 views

CVE-2007-3929

CVE-2007-3929 describes a use-after-free vulnerability in the BitTorrent support of Opera prior to 9.22. A crafted BitTorrent header can leave a dangling pointer to an invalid object, potentially enabling user-assisted remote code execution. Connected advisories indicate multiple vulnerabilities ...

9.3CVSS7.2AI score0.06466EPSS
Exploits0References10Affected Software1
seebug.org
seebug.org
added 2007/07/20 12:0 a.m.35 views

Opera浏览器BitTorrent头解析无效指针引用漏洞

BUGTRAQ ID: 24970 Opera是一款流行的WEB浏览器,支持多种平台。 Opera在处理畸形的BitTorrent文件头结构时存在内存破坏漏洞,远程攻击者可能利用此漏洞控制用户系统。 Opera支持BitTorrent下载。在解析特制的BitTorrent头时,Opera可能会使用已经释放了的内存,这会导致引用无效的对象指针。如果用户受骗点击了恶意的BitTorrent下载然后右击传输删除的话,就可能触发这个漏洞,导致执行任意指令。 Opera Software Opera 9.21 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2007/07/19 12:0 a.m.38 views

Opera use-after-free vulnerability

Memory is used after free on BitTorrent headers parsing...

2.5AI score
Exploits0References1Affected Software1
Opera Security Advisories
Opera Security Advisories
added 2007/07/19 12:0 a.m.16 views

A malicious torrent can cause Opera to execute arbitrary code

Removing a specially crafted torrent from the download managercan crash Opera. The crash is caused by an erroneous memoryaccess.An attacker needs to entice the user to accept the maliciousBitTorrent download, and later remove it from Opera's downloadmanager. To inject code, additional means will...

3.9AI score
Exploits0Affected Software1
securityvulns
securityvulns
added 2007/07/19 12:0 a.m.36 views

iDefense Security Advisory 07.19.07: Opera Software Opera Web Browser BitTorrent Dangling Pointer Vulnerability

Opera Software Opera Web Browser BitTorrent Dangling Pointer Vulnerability iDefense Security Advisory 07.19.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 19, 2007 I. BACKGROUND Opera is a cross-platform web browser. More information is available at http://www.opera.com/ II...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2007/05/25 12:0 a.m.19 views

Opera BitTorrent buffer overflow

Buffer overflow on BitTorrent headers parsing...

3.7AI score
Exploits0References1Affected Software1
Rows per page
Query Builder