CVE-2010-4651
published 2011-03-11CVE-2010-4651: Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a…
medium5.8CVSS 3.1
AVNACMAuNCNIPAP
Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | patch | — | — |
| gnu | gnu_patch | <= 2.6.1 | — |
| gnu | gnu_patch | — | — |
| gnu | gnu_patch | — | — |
| gnu | gnu_patch | — | — |
| gnu | gnu_patch | — | — |
| gnu | patch | >= 0 < 2.7.1-4ubuntu2.3 | 2.7.1-4ubuntu2.3 |
CVSS provenance
nvd5.8MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:P
osv6.8MEDIUM