180 matches found
CVE-2015-5474
BitTorrent and uTorrent allow remote attackers to inject command line parameters and execute arbitrary commands via a crafted URL using the 1 bittorrent or 2 magnet protocol...
CVE-2015-5474
BitTorrent and uTorrent are affected by a remote code execution vulnerability due to how URLs with the bittorrent: or magnet: protocols are handled. A crafted URL can inject arbitrary command line parameters and have them passed to the BitTorrent/uTorrent executable, enabling code execution under...
BitTorrent and uTorrent Remote Code Execution Vulnerability
BitTorrent and uTorrent are both popular bittorrent protocol clients that use the same code base. BitTorrent and uTorrent have security vulnerabilities when handling URLs for the bittorrent or magnet protocols, which construct malicious links starting with bittorrent: or magnet: to trick users in...
BitTorrent/uTorrent URI Protocol Command Line Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of BitTorrent and uTorrent. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...
CVE-2014-5727
The uTorrent Remote aka com.utorrent.web application 1.0.20110929 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The uTorrent Remote aka com.utorrent.web application 1.0.20110929 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5727
The uTorrent Remote aka com.utorrent.web application 1.0.20110929 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-5727
CVE-2014-5727: Affects the Android uTorrent Remote (com.utorrent.web) app version 1.0.20110929. Root cause: it does not verify X.509 certificates from SSL servers, enabling MITM by spoofing servers with crafted certificates. Consequences include potential disclosure of sensitive information (conf...
uTorrent <= 1.8.3 (Build 15772) Create New Torrent Buffer Overflow PoC
No description provided by source. !/usr/bin/env python uTorrent = 1.8.3 Build 15772 Create New Torrent Buffer Overflow PoC By: DrIDE Note: This is old but I figured I would release it if someone wanted to play with it. Note: This was fixed as of version 1.8.3 Build 16010 Download:...
uTorrent WebUI <= 0.370 - Authorization header DoS Exploit
No description provided by source. !/usr/bin/perl Exploit Title: uTorrent WebUI Version: µTorrent 2.0 build 18488 / WebUI EAX 00000000 ECX 00000000 EDX 00000001 EBX 003D8360 ASCII "admin" ESP 0141FE94 EBP 0141FF08 ESI 00000000 EDI 01511958 EIP 0041BC62 uTorrent.0041BC62 Good luck! corelanc0d3r us...
uTorrent DLL Hijacking Vulnerabilities
No description provided by source. Title: uTorrent =2.0.3 Dll Hijacking Local Exploits By: DrIDE Tested: Windows 7RC Note: These are additional DLL's with unsafe Load Paths Reference: http://www.exploit-db.com/exploits/14726/ If the payload .DLL file is renamed to any of these files and placed in...
uTorrent WebUI 0.310 beta 2 - Cross-Site Request Forgery Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28847/info uTorrent WebUI is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to execute arbitrary actions in the context of the affected application. uTorrent WebUI...
uTorrent <= 2.0.3 DLL Hijacking Exploit (plugin_dll.dll)
No description provided by source. / Exploit Title: uTorrent = 2.0.3 DLL Hijacking Exploit plugindll.dll Date: 24/08/2010 Author: TheLeader Email: gsog2009 a7 hotmail d0t com Software Link: http://www.utorrent.com/downloads Version: 2.0.3 and prior Tested on: Windows 7 x86 6.1.7600 Compile and...
BitTorrent 6.0 and uTorrent 1.6/1.7 Peers Window Remote Code Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27321/info BitTorrent and uTorrent are prone to a remote code-execution vulnerability because the applications fail to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute...
UTorrent announce Buffer Overflow - Ver2 (CVE-2007-0927)
A buffer overflow vulnerability has been reported in Utorrent. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
uTorrent 3.x app exploit 0day
Exploit for windows platform in category local exploits This is private exploit. You can buy it at https://0day.today...
CVE-2009-5134
Buffer overflow in the "create torrent dialog" functionality in uTorrent 1.8.3 build 15772, and possibly other versions before 1.8.3 Build 16010, allows user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a text file containing a...
Buffer overflow
Buffer overflow in the "create torrent dialog" functionality in uTorrent 1.8.3 build 15772, and possibly other versions before 1.8.3 Build 16010, allows user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a text file containing a...
CVE-2009-5134
The vulnerability affects uTorrent 1.8.3 build 15772 and potentially earlier/other builds up to Build 16010, where a buffer overflow in the "+create torrent dialog" function can be triggered by a text file containing a large string. The underlying issue is a buffer overflow that allows user-assis...
CVE-2009-5134
Buffer overflow in the "create torrent dialog" functionality in uTorrent 1.8.3 build 15772, and possibly other versions before 1.8.3 Build 16010, allows user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a text file containing a...