Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412.

Name | Vendor | Start Version | End Version |
---|---|---|---|
Subversion | Subversion | * | 1.5.6 (including) |
Subversion | Subversion | 0.22.1 (including) | 0.22.1 (including) |
Subversion | Subversion | 0.23.0 (including) | 0.23.0 (including) |
Subversion | Subversion | 0.24.0 (including) | 0.24.0 (including) |
Subversion | Subversion | 0.24.1 (including) | 0.24.1 (including) |
Subversion | Subversion | 0.24.2 (including) | 0.24.2 (including) |
Subversion | Subversion | 0.25.0 (including) | 0.25.0 (including) |
Subversion | Subversion | 0.27.0 (including) | 0.27.0 (including) |
Subversion | Subversion | 0.28.0 (including) | 0.28.0 (including) |
Subversion | Subversion | 0.28.1 (including) | 0.28.1 (including) |
Subversion | Subversion | 0.28.2 (including) | 0.28.2 (including) |
Subversion | Subversion | 0.29.0 (including) | 0.29.0 (including) |
Subversion | Subversion | 0.30.0 (including) | 0.30.0 (including) |
Subversion | Subversion | 0.31.0 (including) | 0.31.0 (including) |
Subversion | Subversion | 0.32.0 (including) | 0.32.0 (including) |
Subversion | Subversion | 0.32.1 (including) | 0.32.1 (including) |
Subversion | Subversion | 0.33.0 (including) | 0.33.0 (including) |
Subversion | Subversion | 0.33.1 (including) | 0.33.1 (including) |
Subversion | Subversion | 0.34.0 (including) | 0.34.0 (including) |
Subversion | Subversion | 0.35.0 (including) | 0.35.0 (including) |
Subversion | Subversion | 0.35.1 (including) | 0.35.1 (including) |
Subversion | Subversion | 0.36.0 (including) | 0.36.0 (including) |
Subversion | Subversion | 0.37.0 (including) | 0.37.0 (including) |
Subversion | Subversion | 1.0 (including) | 1.0 (including) |
Subversion | Subversion | 1.0.0 (including) | 1.0.0 (including) |
Subversion | Subversion | 1.0.1 (including) | 1.0.1 (including) |
Subversion | Subversion | 1.0.2 (including) | 1.0.2 (including) |
Subversion | Subversion | 1.0.3 (including) | 1.0.3 (including) |
Subversion | Subversion | 1.0.4 (including) | 1.0.4 (including) |
Subversion | Subversion | 1.0.5 (including) | 1.0.5 (including) |
Subversion | Subversion | 1.0.6 (including) | 1.0.6 (including) |
Subversion | Subversion | 1.0.7 (including) | 1.0.7 (including) |
Subversion | Subversion | 1.0.8 (including) | 1.0.8 (including) |
Subversion | Subversion | 1.0.9 (including) | 1.0.9 (including) |
Subversion | Subversion | 1.1.0 (including) | 1.1.0 (including) |
Subversion | Subversion | 1.1.0_rc1 (including) | 1.1.0_rc1 (including) |
Subversion | Subversion | 1.1.0_rc2 (including) | 1.1.0_rc2 (including) |
Subversion | Subversion | 1.1.0_rc3 (including) | 1.1.0_rc3 (including) |
Subversion | Subversion | 1.1.1 (including) | 1.1.1 (including) |
Subversion | Subversion | 1.1.2 (including) | 1.1.2 (including) |
Subversion | Subversion | 1.1.3 (including) | 1.1.3 (including) |
Subversion | Subversion | 1.1.4 (including) | 1.1.4 (including) |
Subversion | Subversion | 1.2.0 (including) | 1.2.0 (including) |
Subversion | Subversion | 1.2.1 (including) | 1.2.1 (including) |
Subversion | Subversion | 1.2.2 (including) | 1.2.2 (including) |
Subversion | Subversion | 1.2.3 (including) | 1.2.3 (including) |
Subversion | Subversion | 1.3.0 (including) | 1.3.0 (including) |
Subversion | Subversion | 1.3.1 (including) | 1.3.1 (including) |
Subversion | Subversion | 1.3.2 (including) | 1.3.2 (including) |
Subversion | Subversion | 1.4.0 (including) | 1.4.0 (including) |
Subversion | Subversion | 1.4.1 (including) | 1.4.1 (including) |
Subversion | Subversion | 1.4.2 (including) | 1.4.2 (including) |
Subversion | Subversion | 1.4.3 (including) | 1.4.3 (including) |
Subversion | Subversion | 1.4.4 (including) | 1.4.4 (including) |
Subversion | Subversion | 1.4.5 (including) | 1.4.5 (including) |
Subversion | Subversion | 1.5.0 (including) | 1.5.0 (including) |
Subversion | Subversion | 1.5.1 (including) | 1.5.1 (including) |
Subversion | Subversion | 1.5.3 (including) | 1.5.3 (including) |
Subversion | Subversion | 1.5.4 (including) | 1.5.4 (including) |
Subversion | Subversion | 1.5.5 (including) | 1.5.5 (including) |
Subversion | Subversion | 1.6.0 (including) | 1.6.0 (including) |
Subversion | Subversion | 1.6.1 (including) | 1.6.1 (including) |
Subversion | Subversion | 1.6.2 (including) | 1.6.2 (including) |
Subversion | Subversion | 1.6.3 (including) | 1.6.3 (including) |
Red Hat Enterprise Linux 4 | RedHat | subversion-0:1.1.4-3.el4_8.2 | * |
Red Hat Enterprise Linux 5 | RedHat | subversion-0:1.4.2-4.el5_3.1 | * |
Subversion | Ubuntu | dapper | * |
Subversion | Ubuntu | hardy | * |
Subversion | Ubuntu | intrepid | * |
Subversion | Ubuntu | jaunty | * |
Subversion | Ubuntu | upstream | * |