{"id":"CVE-2007-1799","details":"Directory traversal vulnerability in torrent.cpp in KTorrent before 2.1.3 only checks for the \"..\" string, which allows remote attackers to overwrite arbitrary files via modified \"..\" sequences in a torrent filename, as demonstrated by \"../\" sequences, due to an incomplete fix for CVE-2007-1384.","modified":"2026-04-10T03:38:47.201383Z","published":"2007-04-02T22:19:00Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/24995"},{"type":"ADVISORY","url":"http://secunia.com/advisories/25097"},{"type":"ADVISORY","url":"http://secunia.com/advisories/26773"},{"type":"ADVISORY","url":"http://security.gentoo.org/glsa/glsa-200705-01.xml"},{"type":"ADVISORY","url":"http://www.debian.org/security/2007/dsa-1373"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:095"},{"type":"ADVISORY","url":"http://www.novell.com/linux/security/advisories/2007_007_suse.html"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/usn-436-2"},{"type":"WEB","url":"http://bugs.kde.org/show_bug.cgi?id=143637"},{"type":"WEB","url":"http://www.securityfocus.com/bid/23745"},{"type":"WEB","url":"https://bugs.gentoo.org/show_bug.cgi?id=170303"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/33566"}],"schema_version":"1.7.5"}