CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7164
https://notcve.org/view.php?id=CVE-2016-7164
07 Feb 2017 — The construct function in puff.cpp in Libtorrent 1.1.0 allows remote torrent trackers to cause a denial of service (segmentation fault and crash) via a crafted GZIP response. La función construct en puff.cpp en Libtorrent 1.1.0 permite a los seguidores de torrent remotos provocar una denegación de servicio (fallo de segmentación y caída) a través de una respuesta GZIP manipulada. • http://www.openwall.com/lists/oss-security/2016/09/08/1 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2016-5301
https://notcve.org/view.php?id=CVE-2016-5301
30 Jun 2016 — The parse_chunk_header function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service (crash) via a crafted (1) HTTP response or possibly a (2) UPnP broadcast. La función parse_chunk_header en libtorrent en versiones anteriores a 1.1.1 permite a atacantes remotos provocar una denegación de servicio (caída) a través de (1) una respuesta HTTP o posiblemente (2) una difusión UPnP manipuladas. • http://lists.opensuse.org/opensuse-updates/2016-06/msg00079.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2009-1760
https://notcve.org/view.php?id=CVE-2009-1760
11 Jun 2009 — Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) and partial relative pathname in a Multiple File Mode list element in a .torrent file. Vulnerabilidad de salto de directorio en src/torrent_info.cpp en Rasterbar libtorrent anteriores a v0.14.4, utilizado en firetorrent, qBittorrent, deluge Torrent, y otra... • http://census-labs.com/news/2009/06/08/libtorrent-rasterbar • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 1CVE-2008-0646
https://notcve.org/view.php?id=CVE-2008-0646
07 Feb 2008 — The bdecode_recursive function in include/libtorrent/bencode.hpp in Rasterbar Software libtorrent before 0.12.1, as used in Deluge before 0.5.8.3 and other products, allows context-dependent attackers to cause a denial of service (stack exhaustion and crash) via a crafted bencoded message. La función recursiva bdecode en include/libtorrent/bencode.hpp en Rasterbar Software libtorrent versiones anteriores a 0.12.1, usado en Deluge versiones anteriores a 0.5.8.3 y en otros productos, permite a atacantes según... • http://deluge-torrent.org/Changelog.php • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •