CVE-2010-4651

EPSS 1.8%

Published: 3/11/2011Modified: 4/28/2026

Also known as:DEBIAN-CVE-2010-4651

Description

Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.

Affected packages (1)

Debian/patchfrom 0

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-4651