Security Advisory

CVE-2010-3842

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-10-27 22:00:00

Last updated 2024-08-07 03:26:12

Assigner redhat

State PUBLISHED

Description

Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, when the --remote-header-name or -J option is used, allows remote servers to create or overwrite arbitrary files by using (backslash) as a separator of path components within the Content-disposition HTTP header.

← Browse all CVEs View on cve.org ↗