RHSA-2017:3075-01 -- Redhat wgetID: oval:org.secpod.oval:def:502187 | Date: (C)2017-10-31 (M)2023-12-20 |
Class: PATCH | Family: unix |
The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fix: * A stack-based and a heap-based buffer overflow flaws were found in wget when processing chunked encoded HTTP responses. By tricking an unsuspecting user into connecting to a malicious HTTP server, an attacker could exploit these flaws to potentially execute arbitrary code. Red Hat would like to thank the GNU Wget project for reporting these issues.
Platform: |
Red Hat Enterprise Linux 7 |