CVE-2010-2252

Currently unrated

Key Information:

Vendor: Gnu
Status: Wget
Vendor: CVE Published:; 6 July 2010

Summary

GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.

References

http://marc.info/?l=oss-security&m=127411372529485&w=2

mailing-listx_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=602797

x_refsource_CONFIRM

http://lists.gnu.org/archive/html/bug-wget/2010-05/msg000...

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Jul 6, 2010
Vulnerability Reserved
Jun 9, 2010