CVE-2004-1488

{"id": "CVE-2004-1488", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-04-27T04:00:00.000", "references": [{"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=261755", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=110269474112384&w=2", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/20960", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1012472", "source": "cve@mitre.org"}, {"url": "http://www.novell.com/linux/security/advisories/2006_16_sr.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/support/errata/RHSA-2005-771.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/11871", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18421", "source": "cve@mitre.org"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9750", "source": "cve@mitre.org"}, {"url": "https://usn.ubuntu.com/145-1/", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code."}, {"lang": "es", "value": "wget 1.8.x y 1.9.x no filtra o pone comillas a caract\u00e9res de control cuando se muestran respuestas HTTP en el terminal, lo que puede permitir a servidores web maliciosos inyectar secuencias de escape y ejecutar c\u00f3digo de su elecci\u00f3n."}], "lastModified": "2018-10-03T21:29:27.653", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gnu:wget:1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5BF2616-A99A-4229-A8A6-655155ED5EB1"}, {"criteria": "cpe:2.3:a:gnu:wget:1.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A14454E-DDAE-4115-8323-8BB4E17DF208"}, {"criteria": "cpe:2.3:a:gnu:wget:1.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94E758F9-798B-4C25-A94A-8BF4E3E90B3E"}, {"criteria": "cpe:2.3:a:gnu:wget:1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F88CD81A-7804-4316-8581-41689A318D56"}, {"criteria": "cpe:2.3:a:gnu:wget:1.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BE0FCE2-ABB9-4943-96AE-C81277014396"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}