Articles with tag: Vulnerability
POSTED BY: Dimitrios Glynos / 08.06.2009

Rasterbar libtorrent arbitrary file overwrite vulnerability

CENSUS ID:CENSUS-2009-0002
CVE ID:CVE-2009-1760
Affected Products:Any application that uses the Rasterbar Software libtorrent library (versions ≤ 0.14.3) for BitTorrent file downloads.
Class:Relative Path Traversal (CWE-23), Improper Handling of Syntactically Invalid Structure (CWE-228)
Remote:Yes
Discovered by:Dimitris Glynos

We have discovered an “arbitrary file overwrite” vulnerability in libtorrent that allows an attacker to create and modify arbitrary files (and directories) in remote systems, with the effective rights of the user executing the vulnerable libtorrent-based application.