Multiple vulnerabilities in uTorrent
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 2 |
| CVE-ID | N/A |
| CWE-ID | CWE-264 CWE-200 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
uTorrent Client/Desktop applications / Other client software |
| Vendor | utorrent.com |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Security restrictions bypass
EUVDB-ID: #VU10676
Risk: Low
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass security restriction on the target system.
The weakness exists due to perform DNS rebinding attack, host JavaScript code on a website to
create a bridge to the local network, bypass the same-origin policy
(SOP), change the download directory to the Startup folder in Windows
and download an executable file to any writable location, which would
run on every startup.
The vendor has issued an incomplete security fix for the vulnerability.
Vulnerable software versionsuTorrent: 3.0 - 3.4.2
External linkshttp://bugs.chromium.org/p/project-zero/issues/detail?id=1524
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU10677
Risk: Low
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: N/A
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to improper access and privileges controls. A remote attacker can bypass ASLR and GS exploit mitigations and obtain the targeted user’s download history.
The vendor has issued an incomplete security fix for the vulnerability.
uTorrent: 3.0 - 3.4.2
External linkshttp://bugs.chromium.org/p/project-zero/issues/detail?id=1524
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
