CVE-2004-1488

Exploit

EPSS 13.3%
Published 27.04.2005 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code.

Affected products Warnungen 0 Metrics 2 CWE 0 References 13

Data is provided by the National Vulnerability Database (NVD)

Gnu ≫ Wget Version1.8

Gnu ≫ Wget Version1.8.1

Gnu ≫ Wget Version1.8.2

Gnu ≫ Wget Version1.9

Gnu ≫ Wget Version1.9.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	13.3%	0.935

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

http://www.redhat.com/support/errata/RHSA-2005-771.html

https://usn.ubuntu.com/145-1/

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261755

Vendor Advisory

Exploit

http://marc.info/?l=bugtraq&m=110269474112384&w=2

http://securitytracker.com/id?1012472

http://www.securityfocus.com/bid/11871

Vendor Advisory

Exploit

http://secunia.com/advisories/20960

http://www.novell.com/linux/security/advisories/2006_16_sr.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/18421

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9750

https://nvd.nist.gov/vuln/detail/CVE-2004-1488

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-1488

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-1488

EUVD