CVE-2004-1175

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2004-1175

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2004-1175.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2004-1175

Downstream

DEBIAN-CVE-2004-1175

DSA-639-1

Published

2005-04-14T04:00:00Z

Modified

2025-08-09T19:01:26Z

Summary

[none]

Details

fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.

References

http://secunia.com/advisories/13863/
http://www.debian.org/security/2005/dsa-639
http://securitytracker.com/id?1012903
http://www.redhat.com/support/errata/RHSA-2005-512.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/18906

CVE-2004-1175

Affected packages