Intrusion Prevention

uTorrent.Torrent.File.Handling.Buffer.Overflow

Description

uTorrent has a heap-based buffer overflow vulnerability. A remote attacker could execute arbitrary code on the system via a torrent file with a crafted announce header.

Affected Products

uTorrent version 1.6 build 474 and prior.

Impact

System compromise.

Recommended Actions

Upgrade to the latest version, available from the web site.
http://www.utorrent.com/

CVE References

CVE-2007-0927