CVE Vulnerabilities

CVE-2004-0396

Published: Jun 14, 2004 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.

Affected Software

Name Vendor Start Version End Version
Cvs Cvs 1.11 1.11
Cvs Cvs 1.12 1.12
Red Hat Enterprise Linux 3 RedHat cvs-0:1.11.2-22 *
Cvs Ubuntu dapper *
Cvs Ubuntu devel *
Cvs Ubuntu edgy *
Cvs Ubuntu feisty *

References