GNU Wget CVE-2010-2252 Arbitrary File Overwrite Vulnerability

GNU Wget is prone to an arbitrary file-overwrite vulnerability because it fails to properly sanitize user-supplied data.

Attackers can overwrite arbitrary files on an unsuspecting user's computer in the context of the vulnerable application. Due to the nature of this issue, arbitrary code-execution may be possible.

Note: This issue was previously titled 'Multiple Http Clients and File Transfer Tools Arbitrary File Overwrite Vulnerability'. The title and technical details have been changed to better reflect the underlying component affected.

GNU Wget 1.12 and prior versions are available.


 

Privacy Statement
Copyright 2010, SecurityFocus