The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Cvs | Cvs | * | 1.10 (including) |