CVE-2008-7166

Sažetak

Buffer overflow in the web interface in BitTorrent 6.0.1 (build 7859) and earlier, and uTorrent 1.7.6 (build 7859) and earlier, allows remote attackers to cause a denial of service (memory consumption and crash) via a crafted Range header. NOTE: this is probably a different vulnerability than CVE-2008-0071 and CVE-2008-0364.

Reference

http://aluigi.altervista.org/adv/ruttorrent2-adv.txt
http://osvdb.org/42825
http://osvdb.org/42826
http://secunia.com/advisories/28686
http://secunia.com/advisories/28695
http://www.vupen.com/english/advisories/2008/0326
http://www.vupen.com/english/advisories/2008/0327

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

09-09-2009 - 04:00

Objavljeno

04-09-2009 - 10:30