Unrated severityNVD Advisory· Published Apr 27, 2005· Updated Apr 16, 2026

CVE-2004-1488

Description

wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code.

Affected products

GNU/Wget5 versions
cpe:2.3:a:gnu:wget:1.8:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:gnu:wget:1.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:wget:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:wget:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:wget:1.9:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:wget:1.9.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugs.debian.org/cgi-bin/bugreport.cginvdExploitVendor Advisory
www.securityfocus.com/bid/11871nvdExploitVendor Advisory
marc.infonvd
secunia.com/advisories/20960nvd
securitytracker.com/idnvd
www.novell.com/linux/security/advisories/2006_16_sr.htmlnvd
www.redhat.com/support/errata/RHSA-2005-771.htmlnvd
exchange.xforce.ibmcloud.com/vulnerabilities/18421nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9750nvd
usn.ubuntu.com/145-1/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.011
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000