CVE-2010-1853
Transmission 1.91 - Stack-Based Buffer Overflow via Crafted Magnet URL
Title source: llmDescription
Multiple stack-based buffer overflows in the tr_magnetParse function in libtransmission/magnet.c in Transmission 1.91 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted magnet URL with a large number of (1) tr or (2) ws links.
References (7)
Core 7
Core References
Various Sources x_refsource_confirm
http://trac.transmissionbt.com/ticket/2965
Various Sources x_refsource_confirm
http://trac.transmissionbt.com/changeset/10279
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/38814
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/63066
Third Party Advisory x_refsource_confirm
http://trac.transmissionbt.com/wiki/Changes
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0655
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/39031
Scores
EPSS
0.0378
EPSS Percentile
88.7%
Details
CWE
CWE-119
Status
published
Products (1)
transmissionbt/transmission
1.91
Published
May 07, 2010
Tracked Since
Feb 18, 2026