Mandriva Linux Security Advisory 2010-170 – GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a.wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/93468/MDVSA-2010-170.txt
Source: https://packetstormsecurity.com/files/93468/Mandriva-Linux-Security-Advisory-2010-170.html