Unrated severityNVD Advisory· Published Mar 3, 2009· Updated Apr 23, 2026

CVE-2009-0753

Description

Absolute path traversal vulnerability in MLDonkey 2.8.4 through 2.9.7 allows remote attackers to read arbitrary files via a leading "//" (double slash) in the filename.

Affected products

Mldonkey/Mldonkey5 versions
cpe:2.3:a:mldonkey:mldonkey:2.8.4:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:mldonkey:mldonkey:2.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:mldonkey:mldonkey:2.8.7:*:*:*:*:*:*:*
- cpe:2.3:a:mldonkey:mldonkey:2.9:*:*:*:*:*:*:*
- cpe:2.3:a:mldonkey:mldonkey:2.9.0-r3:*:*:*:*:*:*:*
- cpe:2.3:a:mldonkey:mldonkey:2.9.7:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/34008nvdVendor Advisory
savannah.nongnu.org/bugs/nvd
secunia.com/advisories/34306nvd
secunia.com/advisories/34345nvd
secunia.com/advisories/34436nvd
www.debian.org/security/2009/dsa-1739nvd
www.gentoo.org/security/en/glsa/glsa-200903-36.xmlnvd
www.openwall.com/lists/oss-security/2009/02/23/1nvd
www.securityfocus.com/bid/33865nvd
www.exploit-db.com/exploits/8097nvd
www.redhat.com/archives/fedora-package-announce/2009-March/msg00542.htmlnvd
www.redhat.com/archives/fedora-package-announce/2009-March/msg00617.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.009
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000