Mandriva Linux Security Advisory 2010:014: transmission

34

A vulnerability has been found and corrected in transmission:

Directory traversal vulnerability in libtransmission/metainfo.c in
Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to
overwrite arbitrary files via a .. (dot dot) in a pathname within a
.torrent file (CVE-2010-0012).

The updated packages have been patched to correct this issue…

Read More