CVE-2004-1488

2005-04-2704:00:00

Debian Security Bug Tracker

security-tracker.debian.org

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.019 Low

EPSS

Percentile

88.8%

JSON

wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code.

OSVersionArchitecturePackageVersionFilename
Debian12allwget< 1.9.1-11wget_1.9.1-11_all.deb
Debian11allwget< 1.9.1-11wget_1.9.1-11_all.deb
Debian10allwget< 1.9.1-11wget_1.9.1-11_all.deb
Debian999allwget< 1.9.1-11wget_1.9.1-11_all.deb
Debian13allwget< 1.9.1-11wget_1.9.1-11_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	wget	< 1.9.1-11	wget_1.9.1-11_all.deb
Debian	11	all	wget	< 1.9.1-11	wget_1.9.1-11_all.deb
Debian	10	all	wget	< 1.9.1-11	wget_1.9.1-11_all.deb
Debian	999	all	wget	< 1.9.1-11	wget_1.9.1-11_all.deb
Debian	13	all	wget	< 1.9.1-11	wget_1.9.1-11_all.deb