CVE-2008-4434

Exp

Stack-based buffer overflow in (1) uTorrent 1.7.7 build 8179 and earlier and (2) BitTorrent 6.0.3 build 8642 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Created By field in a .torrent file.

Published: 2008-10-03 Last update: 2026-04-23 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2008-4434 is rated High Exploit Risk (80.6/100): CVSS Critical severity, with high exploitation likelihood (EPSS 11.01%, 95th percentile). 1 public exploit reference(s) are indexed (Exploit-DB). Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2008-4434

EDB-ID Source Kind Published Link
6787 exploit_db edb 2008-10-19 Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2008-4434

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 25.80% 11.01% -14.79%
2 2025-11-23 25.52% 25.80% +0.29%
3 2025-10-21 25.52%

Full EPSS history (12 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2008-4434

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
9.3 2.0 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 8.6 10.0 [email protected]

Weakness enumeration for CVE-2008-4434

Affected software / configurations for CVE-2008-4434

Vendor Product Version Raw CPE
utorrent utorrent <= 1.7.7 cpe:2.3:a:utorrent:utorrent:*:*:*:*:*:*:*:*
utorrent utorrent 1.1.1 cpe:2.3:a:utorrent:utorrent:1.1.1:*:*:*:*:*:*:*
utorrent utorrent 1.1.3 cpe:2.3:a:utorrent:utorrent:1.1.3:*:*:*:*:*:*:*
utorrent utorrent 1.1.4 cpe:2.3:a:utorrent:utorrent:1.1.4:*:*:*:*:*:*:*
utorrent utorrent 1.1.5 cpe:2.3:a:utorrent:utorrent:1.1.5:*:*:*:*:*:*:*
utorrent utorrent 1.1.6 cpe:2.3:a:utorrent:utorrent:1.1.6:*:*:*:*:*:*:*
utorrent utorrent 1.1.7 cpe:2.3:a:utorrent:utorrent:1.1.7:*:*:*:*:*:*:*
utorrent utorrent 1.2 cpe:2.3:a:utorrent:utorrent:1.2:*:*:*:*:*:*:*
utorrent utorrent 1.2.1 cpe:2.3:a:utorrent:utorrent:1.2.1:*:*:*:*:*:*:*
utorrent utorrent 1.2.2 cpe:2.3:a:utorrent:utorrent:1.2.2:*:*:*:*:*:*:*
utorrent utorrent 1.3 cpe:2.3:a:utorrent:utorrent:1.3:*:*:*:*:*:*:*
utorrent utorrent 1.4 cpe:2.3:a:utorrent:utorrent:1.4:*:*:*:*:*:*:*
utorrent utorrent 1.4.2 cpe:2.3:a:utorrent:utorrent:1.4.2:*:*:*:*:*:*:*
utorrent utorrent 1.5 cpe:2.3:a:utorrent:utorrent:1.5:*:*:*:*:*:*:*
utorrent utorrent 1.6 cpe:2.3:a:utorrent:utorrent:1.6:*:*:*:*:*:*:*
utorrent utorrent 1.7 cpe:2.3:a:utorrent:utorrent:1.7:*:*:*:*:*:*:*
utorrent utorrent 1.7.1 cpe:2.3:a:utorrent:utorrent:1.7.1:*:*:*:*:*:*:*
utorrent utorrent 1.7.2 cpe:2.3:a:utorrent:utorrent:1.7.2:*:*:*:*:*:*:*
utorrent utorrent 1.7.3 cpe:2.3:a:utorrent:utorrent:1.7.3:*:*:*:*:*:*:*
utorrent utorrent 1.7.4 cpe:2.3:a:utorrent:utorrent:1.7.4:*:*:*:*:*:*:*
utorrent utorrent 1.7.5 cpe:2.3:a:utorrent:utorrent:1.7.5:*:*:*:*:*:*:*
utorrent utorrent 1.7.6 cpe:2.3:a:utorrent:utorrent:1.7.6:*:*:*:*:*:*:*
bittorrent bittorrent <= 6.0.3 cpe:2.3:a:bittorrent:bittorrent:*:*:*:*:*:*:*:*
bittorrent bittorrent 3.9.1 cpe:2.3:a:bittorrent:bittorrent:3.9.1:*:*:*:*:*:*:*
bittorrent bittorrent 4.0.0 cpe:2.3:a:bittorrent:bittorrent:4.0.0:*:*:*:*:*:*:*
bittorrent bittorrent 4.0.1 cpe:2.3:a:bittorrent:bittorrent:4.0.1:*:*:*:*:*:*:*
bittorrent bittorrent 4.0.2 cpe:2.3:a:bittorrent:bittorrent:4.0.2:*:*:*:*:*:*:*
bittorrent bittorrent 4.0.3 cpe:2.3:a:bittorrent:bittorrent:4.0.3:*:*:*:*:*:*:*
bittorrent bittorrent 4.0.4 cpe:2.3:a:bittorrent:bittorrent:4.0.4:*:*:*:*:*:*:*
bittorrent bittorrent 4.1.0 cpe:2.3:a:bittorrent:bittorrent:4.1.0:*:*:*:*:*:*:*
bittorrent bittorrent 4.1.1 cpe:2.3:a:bittorrent:bittorrent:4.1.1:*:*:*:*:*:*:*
bittorrent bittorrent 4.1.2 cpe:2.3:a:bittorrent:bittorrent:4.1.2:*:*:*:*:*:*:*
bittorrent bittorrent 4.1.3 cpe:2.3:a:bittorrent:bittorrent:4.1.3:*:*:*:*:*:*:*
bittorrent bittorrent 4.1.4 cpe:2.3:a:bittorrent:bittorrent:4.1.4:*:*:*:*:*:*:*
bittorrent bittorrent 4.1.5 cpe:2.3:a:bittorrent:bittorrent:4.1.5:*:*:*:*:*:*:*
bittorrent bittorrent 4.1.6 cpe:2.3:a:bittorrent:bittorrent:4.1.6:*:*:*:*:*:*:*
bittorrent bittorrent 4.1.7 cpe:2.3:a:bittorrent:bittorrent:4.1.7:*:*:*:*:*:*:*
bittorrent bittorrent 4.1.8 cpe:2.3:a:bittorrent:bittorrent:4.1.8:*:*:*:*:*:*:*
bittorrent bittorrent 4.2.0 cpe:2.3:a:bittorrent:bittorrent:4.2.0:*:*:*:*:*:*:*
bittorrent bittorrent 4.2.1 cpe:2.3:a:bittorrent:bittorrent:4.2.1:*:*:*:*:*:*:*
bittorrent bittorrent 4.2.2 cpe:2.3:a:bittorrent:bittorrent:4.2.2:*:*:*:*:*:*:*
bittorrent bittorrent 4.3.0 cpe:2.3:a:bittorrent:bittorrent:4.3.0:*:*:*:*:*:*:*
bittorrent bittorrent 4.3.1 cpe:2.3:a:bittorrent:bittorrent:4.3.1:*:*:*:*:*:*:*
bittorrent bittorrent 4.3.2 cpe:2.3:a:bittorrent:bittorrent:4.3.2:*:*:*:*:*:*:*
bittorrent bittorrent 4.3.3 cpe:2.3:a:bittorrent:bittorrent:4.3.3:*:*:*:*:*:*:*
bittorrent bittorrent 4.3.4 cpe:2.3:a:bittorrent:bittorrent:4.3.4:*:*:*:*:*:*:*
bittorrent bittorrent 4.3.5 cpe:2.3:a:bittorrent:bittorrent:4.3.5:*:*:*:*:*:*:*
bittorrent bittorrent 4.3.6 cpe:2.3:a:bittorrent:bittorrent:4.3.6:*:*:*:*:*:*:*
bittorrent bittorrent 4.4.0 cpe:2.3:a:bittorrent:bittorrent:4.4.0:*:*:*:*:*:*:*
bittorrent bittorrent 4.4.1 cpe:2.3:a:bittorrent:bittorrent:4.4.1:*:*:*:*:*:*:*
bittorrent bittorrent 4.9.2 cpe:2.3:a:bittorrent:bittorrent:4.9.2:*:*:*:*:*:*:*
bittorrent bittorrent 4.9.3 cpe:2.3:a:bittorrent:bittorrent:4.9.3:*:*:*:*:*:*:*
bittorrent bittorrent 4.9.4 cpe:2.3:a:bittorrent:bittorrent:4.9.4:*:*:*:*:*:*:*
bittorrent bittorrent 4.9.5 cpe:2.3:a:bittorrent:bittorrent:4.9.5:*:*:*:*:*:*:*
bittorrent bittorrent 4.9.6 cpe:2.3:a:bittorrent:bittorrent:4.9.6:*:*:*:*:*:*:*
bittorrent bittorrent 4.9.7 cpe:2.3:a:bittorrent:bittorrent:4.9.7:*:*:*:*:*:*:*
bittorrent bittorrent 4.9.8 cpe:2.3:a:bittorrent:bittorrent:4.9.8:*:*:*:*:*:*:*
bittorrent bittorrent 4.9.9 cpe:2.3:a:bittorrent:bittorrent:4.9.9:*:*:*:*:*:*:*
bittorrent bittorrent 4.20.0 cpe:2.3:a:bittorrent:bittorrent:4.20.0:*:*:*:*:*:*:*
bittorrent bittorrent 4.20.1 cpe:2.3:a:bittorrent:bittorrent:4.20.1:*:*:*:*:*:*:*
bittorrent bittorrent 4.20.2 cpe:2.3:a:bittorrent:bittorrent:4.20.2:*:*:*:*:*:*:*
bittorrent bittorrent 4.20.3 cpe:2.3:a:bittorrent:bittorrent:4.20.3:*:*:*:*:*:*:*
bittorrent bittorrent 4.20.4 cpe:2.3:a:bittorrent:bittorrent:4.20.4:*:*:*:*:*:*:*
bittorrent bittorrent 4.20.6 cpe:2.3:a:bittorrent:bittorrent:4.20.6:*:*:*:*:*:*:*
bittorrent bittorrent 4.20.7 cpe:2.3:a:bittorrent:bittorrent:4.20.7:*:*:*:*:*:*:*
bittorrent bittorrent 4.20.8 cpe:2.3:a:bittorrent:bittorrent:4.20.8:*:*:*:*:*:*:*
bittorrent bittorrent 4.20.9 cpe:2.3:a:bittorrent:bittorrent:4.20.9:*:*:*:*:*:*:*
bittorrent bittorrent 4.22.0 cpe:2.3:a:bittorrent:bittorrent:4.22.0:*:*:*:*:*:*:*
bittorrent bittorrent 4.22.1 cpe:2.3:a:bittorrent:bittorrent:4.22.1:*:*:*:*:*:*:*
bittorrent bittorrent 4.22.4 cpe:2.3:a:bittorrent:bittorrent:4.22.4:*:*:*:*:*:*:*
bittorrent bittorrent 4.24.0 cpe:2.3:a:bittorrent:bittorrent:4.24.0:*:*:*:*:*:*:*
bittorrent bittorrent 4.24.2 cpe:2.3:a:bittorrent:bittorrent:4.24.2:*:*:*:*:*:*:*
bittorrent bittorrent 4.26.0 cpe:2.3:a:bittorrent:bittorrent:4.26.0:*:*:*:*:*:*:*
bittorrent bittorrent 4.27.1 cpe:2.3:a:bittorrent:bittorrent:4.27.1:*:*:*:*:*:*:*
bittorrent bittorrent 4.27.2 cpe:2.3:a:bittorrent:bittorrent:4.27.2:*:*:*:*:*:*:*
bittorrent bittorrent 5.0.0 cpe:2.3:a:bittorrent:bittorrent:5.0.0:*:*:*:*:*:*:*
bittorrent bittorrent 5.0.1 cpe:2.3:a:bittorrent:bittorrent:5.0.1:*:*:*:*:*:*:*
bittorrent bittorrent 5.0.2 cpe:2.3:a:bittorrent:bittorrent:5.0.2:*:*:*:*:*:*:*
bittorrent bittorrent 5.0.3 cpe:2.3:a:bittorrent:bittorrent:5.0.3:*:*:*:*:*:*:*
bittorrent bittorrent 5.0.4 cpe:2.3:a:bittorrent:bittorrent:5.0.4:*:*:*:*:*:*:*

References for CVE-2008-4434

cvelogic Threat Intelligence