CVE-2008-4434

Name of the Vulnerable Software and Affected Versions: uTorrent versions 1.7.7 build 8179 and earlier BitTorrent versions 6.0.3 build 8642 and earlier

Description: A stack-based buffer overflow issue exists due to a boundary error in the processing of .torrent files. This can be exploited by tricking a user into opening a .torrent file containing an overly long created by field, potentially allowing execution of arbitrary code and causing a denial of service (crash).

Recommendations: For uTorrent versions 1.7.7 build 8179 and earlier, consider avoiding the use of .torrent files with long created by fields until a patch is available. For BitTorrent versions 6.0.3 build 8642 and earlier, restrict the processing of .torrent files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.