Directory traversal vulnerability in util.c in GNU patch 2.6.1 and previous versions allows user-assisted remote malicious users to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu gnu patch |
||
gnu gnu patch 2.6 |
||
gnu gnu patch 2.5 |
||
gnu gnu patch 2.5.9 |
||
gnu gnu patch 2.5.4 |