CVE-2010-4651

ADVISORY - nist

Summary

Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.

EPSS Score⁠: 0.0183 (0.822)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-22⁠

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Impacted images

Advisories

NIST

CREATED

14 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2010-4651⁠

EXPLOITABILITY SCORE

8.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-22⁠

CVSS SCORE

5.8medium

Debian

CREATED

14 years ago

UPDATED

19 days ago

ADVISORY IDCVE-2010-4651⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

14 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2010-4651⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Red Hat

CREATED

15 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2010-4651⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

2.1low