CVE-2004-0414

CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.4:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.12.1:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.12.2:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.12.5:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.12.7:*:*:*:*:*:*:*
cpe:2.3:a:cvs:cvs:1.12.8:*:*:*:*:*:*:*
cpe:2.3:a:openpkg:openpkg:*:*:*:*:*:*:*:*
cpe:2.3:a:openpkg:openpkg:1.3:*:*:*:*:*:*:*
cpe:2.3:a:openpkg:openpkg:2.0:*:*:*:*:*:*:*
cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*
cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*

History

No history.

Information

Published : 2004-08-06 04:00

Updated : 2024-02-04 16:31


NVD link : CVE-2004-0414

Mitre link : CVE-2004-0414

CVE.ORG link : CVE-2004-0414


JSON object : View

Products Affected

gentoo

  • linux

openbsd

  • openbsd

openpkg

  • openpkg

cvs

  • cvs

sgi

  • propack