First published: Wed Oct 30 2019(Updated: )
Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
Transmissionbt Transmission | <1.92 | |
Linux Linux kernel | ||
debian/transmission | 3.00-1 3.00-2.1+deb12u1 4.0.6+dfsg-3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2010-0748 is a vulnerability in Transmission before version 1.92 that allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link.
CVE-2010-0748 has a severity of 9.8 (critical).
CVE-2010-0748 affects Transmission versions up to and excluding 1.92.
To fix CVE-2010-0748 on Debian Linux, update the transmission package to one of the following versions: 2.94-2+deb10u2, 3.00-1, 3.00-2.1+deb12u1, or 4.0.2-1.
You can find more information about CVE-2010-0748 at the following references: [1] https://trac.transmissionbt.com/ticket/2965, [2] https://github.com/transmission/transmission/wiki/Release-Notes#transmission-192-20100314, [3] https://security-tracker.debian.org/tracker/CVE-2010-0748.