CVE-2010-1853

Transmission 1.91 - Stack-Based Buffer Overflow via Crafted Magnet URL

Title source: llm
STIX 2.1

Description

Multiple stack-based buffer overflows in the tr_magnetParse function in libtransmission/magnet.c in Transmission 1.91 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted magnet URL with a large number of (1) tr or (2) ws links.

References (7)

Core 7
Core References
Various Sources x_refsource_confirm
http://trac.transmissionbt.com/ticket/2965
Various Sources x_refsource_confirm
http://trac.transmissionbt.com/changeset/10279
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/38814
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/63066
Third Party Advisory x_refsource_confirm
http://trac.transmissionbt.com/wiki/Changes
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0655
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/39031

Scores

EPSS 0.0378
EPSS Percentile 88.7%

Details

CWE
CWE-119
Status published
Products (1)
transmissionbt/transmission 1.91
Published May 07, 2010
Tracked Since Feb 18, 2026