CVE-2004-1487
published 2005-04-27CVE-2004-1487: wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of…
medium5CVSS 3.1
AVNACLAuNCNIPAN
wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wget | < wget 1.9.1-11 (bookworm) | wget 1.9.1-11 (bookworm) |
| gnu | wget | — | — |
| gnu | wget | — | — |
| gnu | wget | — | — |
| gnu | wget | — | — |
| gnu | wget | — | — |
| gnu | wget | >= 0 < 1.9.1-11 | 1.9.1-11 |
| gnu | wget | >= 0 < 1.9.1-11 | 1.9.1-11 |
| gnu | wget | >= 0 < 1.9.1-11 | 1.9.1-11 |
| gnu | wget | >= 0 < 1.9.1-11 | 1.9.1-11 |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
osv5.0MEDIUM