CVE-2007-1799
EPSS 1.3%ktorrent - directory traversal
發布日:2007/4/2修改日:2026/4/28
描述
Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the ".." string, which allows remote attackers to overwrite arbitrary files via modified ".." sequences in a torrent filename, as demonstrated by "../" sequences, due to an incomplete fix for CVE-2007-1384.
受影響套件(3)
- Debian/ktorrentfrom 0, < 2.1.4.dfsg.1-1
- Debian/ktorrentfrom 0, < 2.0.3+dfsg1-2etch1
- Debian/ktorrentfrom 0, < 2.0.3+dfsg1-2.2etch1