Vulnerabilities

CVE-2010-3842

by Fred · 27/10/2010

Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, when the –remote-header-name or -J option is used, allows remote servers to create or overwrite arbitrary files by using (backslash) as a separator of path components within the Content-disposition HTTP header.

Date published : 2010-10-27

http://curl.haxx.se/docs/adv_20101013.html

https://bugzilla.redhat.com/show_bug.cgi?id=642642

Similar

Tags: Cybersecurity Alert