Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link.
References
Link | Resource |
---|---|
https://trac.transmissionbt.com/ticket/2965 | Exploit Issue Tracking Vendor Advisory |
https://github.com/transmission/transmission/wiki/Release-Notes#transmission-192-20100314 | Release Notes Third Party Advisory |
https://security-tracker.debian.org/tracker/CVE-2010-0748 | Third Party Advisory |
https://www.openwall.com/lists/oss-security/2010/04/01/9 | Mailing List Patch Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0748 | Issue Tracking Patch Third Party Advisory |
Configurations
Information
Published : 2019-10-30 16:15
Updated : 2020-08-18 08:05
NVD link : CVE-2010-0748
Mitre link : CVE-2010-0748
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
transmissionbt
- transmission
debian
- debian_linux
linux
- linux_kernel