Mandriva Linux Security Advisory 2010-014 - Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a. (dot dot) in a pathname within a.torrent file. The updated packages have been patched to correct this issue.
23df28e11bb44fe8ffca6711696225f393a4868b5f12ee6db077eaf6cf096efe