CVE-2007-1384 : Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.2 allows

Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.2 allows remote attackers to overwrite arbitrary files via ".." sequences in a torrent filename.

Published 2007-03-10 18:19:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Vulnerability category: Directory traversal

Products affected by CVE-2007-1384

Joris Guisson » Ktorrent
Versions up to, including, (<=) 2.1.1
cpe:2.3:a:joris_guisson:ktorrent:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2007-1384

EPSS FAQ

1.09%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 76 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2007-1384

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.4	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:P	10.0	4.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: Partial

References for CVE-2007-1384

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.401332

The Slackware Linux Project: Slackware Security Advisories

CVEs referencing this url
http://lists.kde.org/?l=kde-announce&m=117346514411140&w=2

'[kde-announce] KTorrent 2.1.2 is out' - MARC
Vendor Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/22930

CVEs referencing this url
http://secunia.com/advisories/24459

About Secunia Research | Flexera

CVEs referencing this url
http://www.vupen.com/english/advisories/2007/0913

Site en construction

CVEs referencing this url
http://www.ubuntu.com/usn/usn-436-1

USN-436-1: KTorrent vulnerabilities | Ubuntu security notices | Ubuntu

CVEs referencing this url
http://security.gentoo.org/glsa/glsa-200705-01.xml

Ktorrent: Multiple vulnerabilities (GLSA 200705-01) — Gentoo security

CVEs referencing this url
http://secunia.com/advisories/24753

About Secunia Research | Flexera

CVEs referencing this url
http://secunia.com/advisories/24995

About Secunia Research | Flexera

CVEs referencing this url
http://www.securitytracker.com/id?1017747

Access Denied

CVEs referencing this url
http://ktorrent.org/forum/viewtopic.php?t=1401

Opps!

CVEs referencing this url
http://www.novell.com/linux/security/advisories/2007_007_suse.html

404 Page Not Found | SUSE

CVEs referencing this url
http://secunia.com/advisories/25097

About Secunia Research | Flexera

CVEs referencing this url
https://launchpad.net/bugs/91174

Bug #91174 “KTorrent security issue with releases <2.1.2 (Breezy...” : Bugs : ktorrent package : Ubuntu

CVEs referencing this url
http://secunia.com/advisories/24486

About Secunia Research | Flexera

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2007-1384

Products affected by CVE-2007-1384

Exploit prediction scoring system (EPSS) score for CVE-2007-1384

CVSS scores for CVE-2007-1384

References for CVE-2007-1384