CVE-2010-4651

描述

Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.

受影響套件(1)

• Debian/patchfrom 0

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-4651