A vulnerability, which was classified as critical, has been found in uTorrent. This issue affects some unknown processing of the component Guest Account. The manipulation leads to privilege escalation. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
References
Link | Resource |
---|---|
http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html | Third Party Advisory |
https://bugs.chromium.org/p/project-zero/issues/detail?id=1524 | Exploit Issue Tracking Mailing List Third Party Advisory |
https://vuldb.com/?id.113807 | Exploit Third Party Advisory VDB Entry |
http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html | Third Party Advisory |
https://bugs.chromium.org/p/project-zero/issues/detail?id=1524 | Exploit Issue Tracking Mailing List Third Party Advisory |
https://vuldb.com/?id.113807 | Exploit Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 04:03
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 6.3 |
References | () http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html - Third Party Advisory | |
References | () https://bugs.chromium.org/p/project-zero/issues/detail?id=1524 - Exploit, Issue Tracking, Mailing List, Third Party Advisory | |
References | () https://vuldb.com/?id.113807 - Exploit, Third Party Advisory, VDB Entry |
Information
Published : 2022-06-17 13:15
Updated : 2024-11-21 04:03
NVD link : CVE-2018-25044
Mitre link : CVE-2018-25044
CVE.ORG link : CVE-2018-25044
JSON object : View
Products Affected
bittorrent
- utorrent
CWE
CWE-269
Improper Privilege Management