CVE-2004-1488

Exploit

EPSS 13.3%
Veröffentlicht 27.04.2005 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Gnu ≫ Wget Version1.8

Gnu ≫ Wget Version1.8.1

Gnu ≫ Wget Version1.8.2

Gnu ≫ Wget Version1.9

Gnu ≫ Wget Version1.9.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	13.3%	0.935

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

http://www.redhat.com/support/errata/RHSA-2005-771.html

https://usn.ubuntu.com/145-1/

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261755

Vendor Advisory

Exploit

http://marc.info/?l=bugtraq&m=110269474112384&w=2

http://securitytracker.com/id?1012472

http://www.securityfocus.com/bid/11871

Vendor Advisory

Exploit

http://secunia.com/advisories/20960

http://www.novell.com/linux/security/advisories/2006_16_sr.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/18421

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9750

https://nvd.nist.gov/vuln/detail/CVE-2004-1488

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-1488

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-1488

EUVD