CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
No history.
Information
Published : 2004-08-06 04:00
Updated : 2024-02-04 16:31
NVD link : CVE-2004-0414
Mitre link : CVE-2004-0414
CVE.ORG link : CVE-2004-0414
JSON object : View
Products Affected
gentoo
- linux
openbsd
- openbsd
openpkg
- openpkg
cvs
- cvs
sgi
- propack
CWE