Vulnerability Database

289,689

Total vulnerabilities in the database

CVE-2004-1487

wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences.

  • Published: Apr 27, 2005
  • Updated: Apr 13, 2023
  • CVE: CVE-2004-1487
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
gnu / wget 1.8.2 1.8.2.x
gnu / wget 1.9 1.9.x
gnu / wget 1.8 1.8.x
gnu / wget 1.8.1 1.8.1.x
gnu / wget 1.9.1 1.9.1.x