Mandriva Linux Security Advisory 2010-014 – Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a. (dot dot) in a pathname within a.torrent file. The updated packages have been patched to correct this issue.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/85381/MDVSA-2010-014.txt
Source: https://packetstormsecurity.com/files/85381/Mandriva-Linux-Security-Advisory-2010-014.html