Upstream information

CVE-2010-0748 at MITRE

Description

Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have other unspecified impact via a large number of tr arguments in a magnet link.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 7.5
Vector AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
CVSS v3 Scores
  National Vulnerability Database
Base Score 9.8
Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Access Vector Network
Access Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality Impact High
Integrity Impact High
Availability Impact High
CVSSv3 Version 3.1
SUSE Bugzilla entry: 589268 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.0
  • transmission-debuginfo >= 1.11-18.4
  • transmission-debugsource >= 1.11-18.4
openSUSE 11.0
  • transmission >= 1.11-18.4
  • transmission-gtk >= 1.11-18.4
  • transmission-lang >= 1.11-18.4
openSUSE 11.1
  • transmission-debuginfo >= 1.34-1.33.1
  • transmission-debugsource >= 1.34-1.33.1
openSUSE 11.1
  • transmission >= 1.34-1.33.1
  • transmission-gtk >= 1.34-1.33.1
  • transmission-lang >= 1.34-1.33.1
openSUSE 11.2
  • transmission-debuginfo >= 1.74-4.8.1
  • transmission-debugsource >= 1.74-4.8.1
  • transmission-gtk-debuginfo >= 1.74-4.8.1
  • transmission-qt-debuginfo >= 1.74-4.8.1
openSUSE 11.2
  • transmission >= 1.74-4.8.1
  • transmission-common >= 1.74-4.8.1
  • transmission-common-lang >= 1.74-4.8.1
  • transmission-gtk >= 1.74-4.8.1
  • transmission-qt >= 1.74-4.8.1