Back to search
CVE-2010-4651
Published: Mar 11, 2011
Modified: Aug 7, 2024
PUBLISHED
Description
Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
ADV-2011-0600
vdb-entry
x_refsource_VUPEN
http://support.apple.com/kb/HT4723
x_refsource_CONFIRM
[oss-security] 20110106 Re: CVE request: patch directory traversal flaw
mailing-list
x_refsource_MLIST
46768
vdb-entry
x_refsource_BID
APPLE-SA-2011-06-23-1
vendor-advisory
x_refsource_APPLE
[oss-security] 20110106 Re: CVE request: patch directory traversal flaw
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=667529
x_refsource_CONFIRM
FEDORA-2011-1269
vendor-advisory
x_refsource_FEDORA
[oss-security] 20110106 Re: CVE request: patch directory traversal flaw
mailing-list
x_refsource_MLIST
43677
third-party-advisory
x_refsource_SECUNIA
FEDORA-2011-1272
vendor-advisory
x_refsource_FEDORA
[oss-security] 20110105 CVE request: patch directory traversal flaw
mailing-list
x_refsource_MLIST
[bug-patch] 20101230 Directory traversal vulnerability in patch (or dpkg-source) (fwd)
mailing-list
x_refsource_MLIST
43663
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now