BitTorrent and uTorrent Peers Window Remote Code Execution Vulnerability

BitTorrent and uTorrent are prone to a remote code-execution vulnerability because the applications fail to perform adequate boundary checks on user-supplied data.

Attackers can exploit this issue to execute arbitrary code in the context of the application or to crash the affected application, denying service to legitimate users.

This issue affects the following versions:

BitTorrent 6.0
uTorrent 1.7.5
uTorrent 1.8-alpha-7834

Earlier versions may be affected as well.

UPDATE (January 24, 2008): This issue was originally documented as a denial-of-service issue, but reliable reports suggest that this issue can be exploited to execute arbitrary code.


Privacy Statement
Copyright 2010, SecurityFocus