Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Subversion | Subversion | 1.0 (including) | 1.0 (including) |
Subversion | Subversion | 1.0.1 (including) | 1.0.1 (including) |
Subversion | Subversion | 1.0.2 (including) | 1.0.2 (including) |
Subversion | Ubuntu | dapper | * |
Subversion | Ubuntu | devel | * |
Subversion | Ubuntu | edgy | * |
Subversion | Ubuntu | feisty | * |