CVE-2010-4651

Currently unrated

Key Information:

Vendor: Gnu
Status: Gnu Patch
Vendor: CVE Published:; 11 March 2011

Summary

Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.

References

http://www.vupen.com/english/advisories/2011/0600

vdb-entryx_refsource_VUPEN

http://support.apple.com/kb/HT4723

x_refsource_CONFIRM

http://openwall.com/lists/oss-security/2011/01/06/20

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Mar 11, 2011
Vulnerability Reserved
Jan 3, 2011