CVE-2007-1385 - Vulnerability Details - OpenCVE

chunkcounter.cpp in KTorrent before 2.1.2 allows remote attackers to cause a denial of service (crash) and heap corruption via a negative or large idx value.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Joris Guisson	Ktorrent

Configuration 1 [-]

cpe:2.3:a:joris_guisson:ktorrent:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://ktorrent.org/forum/viewtopic.php?t=1401
http://lists.kde.org/?l=kde-announce&m=117346514411140&w=2
http://secunia.com/advisories/24459
http://secunia.com/advisories/24486
http://secunia.com/advisories/24753
http://secunia.com/advisories/24995
http://secunia.com/advisories/25097
http://security.gentoo.org/glsa/glsa-200705-01.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.401332
http://www.novell.com/linux/security/advisories/2007_007_suse.html
http://www.securityfocus.com/bid/22930
http://www.securitytracker.com/id?1017747
http://www.ubuntu.com/usn/usn-436-1
http://www.vupen.com/english/advisories/2007/0913
https://launchpad.net/bugs/91174

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-03-10T18:00:00

Updated: 2024-08-07T12:50:35.026Z

Reserved: 2007-03-10T00:00:00

Link: CVE-2007-1385

Vulnrichment

No data.

NVD

Status : Modified

Published: 2007-03-10T18:19:00.000

Modified: 2024-11-21T00:28:11.017

Link: CVE-2007-1385

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-03-09T00:00:00", "descriptions": [{"lang": "en", "value": "chunkcounter.cpp in KTorrent before 2.1.2 allows remote attackers to cause a denial of service (crash) and heap corruption via a negative or large idx value."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2007-03-21T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://ktorrent.org/forum/viewtopic.php?t=1401"}, {"name": "USN-436-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-436-1"}, {"name": "[kde-announce] 20070309 KTorrent 2.1.2 is out", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.kde.org/?l=kde-announce&m=117346514411140&w=2"}, {"name": "24753", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24753"}, {"name": "SUSE-SR:2007:007", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2007_007_suse.html"}, {"name": "24486", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24486"}, {"name": "24995", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24995"}, {"name": "25097", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25097"}, {"name": "ADV-2007-0913", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0913"}, {"name": "24459", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24459"}, {"name": "22930", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/22930"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://launchpad.net/bugs/91174"}, {"name": "1017747", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1017747"}, {"name": "GLSA-200705-01", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200705-01.xml"}, {"name": "SSA:2007-093-02", "tags": ["vendor-advisory", "x_refsource_SLACKWARE"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.401332"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1385", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "chunkcounter.cpp in KTorrent before 2.1.2 allows remote attackers to cause a denial of service (crash) and heap corruption via a negative or large idx value."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://ktorrent.org/forum/viewtopic.php?t=1401", "refsource": "CONFIRM", "url": "http://ktorrent.org/forum/viewtopic.php?t=1401"}, {"name": "USN-436-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-436-1"}, {"name": "[kde-announce] 20070309 KTorrent 2.1.2 is out", "refsource": "MLIST", "url": "http://lists.kde.org/?l=kde-announce&m=117346514411140&w=2"}, {"name": "24753", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24753"}, {"name": "SUSE-SR:2007:007", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_007_suse.html"}, {"name": "24486", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24486"}, {"name": "24995", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24995"}, {"name": "25097", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25097"}, {"name": "ADV-2007-0913", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0913"}, {"name": "24459", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24459"}, {"name": "22930", "refsource": "BID", "url": "http://www.securityfocus.com/bid/22930"}, {"name": "https://launchpad.net/bugs/91174", "refsource": "CONFIRM", "url": "https://launchpad.net/bugs/91174"}, {"name": "1017747", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1017747"}, {"name": "GLSA-200705-01", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200705-01.xml"}, {"name": "SSA:2007-093-02", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.401332"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:50:35.026Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://ktorrent.org/forum/viewtopic.php?t=1401"}, {"name": "USN-436-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-436-1"}, {"name": "[kde-announce] 20070309 KTorrent 2.1.2 is out", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.kde.org/?l=kde-announce&m=117346514411140&w=2"}, {"name": "24753", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24753"}, {"name": "SUSE-SR:2007:007", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2007_007_suse.html"}, {"name": "24486", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24486"}, {"name": "24995", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24995"}, {"name": "25097", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25097"}, {"name": "ADV-2007-0913", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0913"}, {"name": "24459", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24459"}, {"name": "22930", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/22930"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://launchpad.net/bugs/91174"}, {"name": "1017747", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1017747"}, {"name": "GLSA-200705-01", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200705-01.xml"}, {"name": "SSA:2007-093-02", "tags": ["vendor-advisory", "x_refsource_SLACKWARE", "x_transferred"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.401332"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1385", "datePublished": "2007-03-10T18:00:00", "dateReserved": "2007-03-10T00:00:00", "dateUpdated": "2024-08-07T12:50:35.026Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:joris_guisson:ktorrent:*:*:*:*:*:*:*:*", "matchCriteriaId": "C9894651-DC4D-45FA-AB05-2F0FCFCBAA19", "versionEndIncluding": "2.1.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "chunkcounter.cpp in KTorrent before 2.1.2 allows remote attackers to cause a denial of service (crash) and heap corruption via a negative or large idx value."}, {"lang": "es", "value": "chunkcounter.cpp en KTorrent anterior a 2.1.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) y corrupci\u00f3n del mont\u00f3n mediante un valor negativo o grande de idx."}], "evaluatorComment": "This vulnerability has been addressed in the following product update:\r\nhttp://ktorrent.org/index.php?page=downloads", "id": "CVE-2007-1385", "lastModified": "2024-11-21T00:28:11.017", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-03-10T18:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://ktorrent.org/forum/viewtopic.php?t=1401"}, {"source": "cve@mitre.org", "url": "http://lists.kde.org/?l=kde-announce&m=117346514411140&w=2"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/24459"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/24486"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/24753"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/24995"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/25097"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200705-01.xml"}, {"source": "cve@mitre.org", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.401332"}, {"source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2007_007_suse.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/22930"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1017747"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-436-1"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2007/0913"}, {"source": "cve@mitre.org", "url": "https://launchpad.net/bugs/91174"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://ktorrent.org/forum/viewtopic.php?t=1401"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.kde.org/?l=kde-announce&m=117346514411140&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24459"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24486"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24753"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24995"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/25097"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200705-01.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.401332"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_007_suse.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/22930"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1017747"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-436-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2007/0913"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://launchpad.net/bugs/91174"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}