ID CVE-2006-0339
Summary Buffer overflow in BitComet Client 0.60 allows remote attackers to execute arbitrary code, when the publisher's name link is clicked, via a long publisher URI in a torrent file.
References
Vulnerable Configurations
  • cpe:2.3:a:bitcomet:bitcomet:0.60
CVSS
Base: 7.5 (as of 23-01-2006 - 10:23)
Impact:
Exploitability:
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
nessus via4
NASL family Peer-To-Peer File Sharing
NASL id BITCOMET_061.NASL
description The version of BitComet installed on the remote Windows host has a buffer overflow flaw that could be triggered using a .torrent with a specially crafted publisher's name to crash the application or even execute arbitrary code remotely subject to the user's privileges.
last seen 2019-02-21
modified 2018-11-15
plugin id 20749
published 2006-01-20
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=20749
title BitComet Client .torrent URI Handling Overflow
refmap via4
bid 16311
bugtraq
  • 20060118 Fortinet Advisory: BitComet URI Buffer Overflow Vulnerability
  • 20060122 BitComet URI Proof of Concept
confirm http://www.bitcomet.com/doc/changelog.htm
fulldisc 20060118 Fortinet Advisory: BitComet URI Buffer Overflow Vulnerability
misc http://www.fortinet.com/FortiGuardCenter/FSA-2006-07.html
osvdb 22625
secunia 18522
sreason 357
vupen ADV-2006-0251
xf bitcomet-torrent-publisher-bo(24229)
Last major update 07-03-2011 - 21:29
Published 20-01-2006 - 19:03
Last modified 19-10-2018 - 11:44