Oval Definition:oval:org.mitre.oval:def:7068
Revision Date:2014-06-23Version:20
Title:DSA-1967 transmission -- directory traversal
Description:Dan Rosenberg discovered that Transmission, a lightwight client for the Bittorrent filesharing protocol, performs insufficient sanitising of file names specified in .torrent files. This could lead to the overwrite of local files with the privileges of the user running Transmission if the user is tricked into opening a malicious torrent file.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2010-0012
DSA-1967
Platform(s):Debian GNU/Linux 5.0
Product(s):transmission
Definition Synopsis
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • transmission is earlier than 1.22-1+lenny2
  • OR transmission-common is earlier than 1.22-1+lenny2
  • OR Architecture dependent section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • transmission-gtk is earlier than 1.22-1+lenny2
  • OR transmission-cli is earlier than 1.22-1+lenny2
    • BACK