CVE-2007-1799

EPSS 1.3%

ktorrent - directory traversal

Published: 4/2/2007Modified: 4/28/2026

Also known as:DEBIAN-CVE-2007-1799

Description

Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." string, which allows remote attackers to overwrite arbitrary files via modified ".." sequences in a torrent filename, as demonstrated by "../" sequences, due to an incomplete fix for CVE-2007-1384.

Affected packages (3)

Debian/ktorrentfrom 0, < 2.1.4.dfsg.1-1
Debian/ktorrentfrom 0, < 2.0.3+dfsg1-2etch1
Debian/ktorrentfrom 0, < 2.0.3+dfsg1-2.2etch1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-1799