Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.
Max CVSS
7.1
EPSS Score
1.37%
Published
2004-12-31
Updated
2017-07-11
CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).
Max CVSS
5.0
EPSS Score
0.22%
Published
2004-12-31
Updated
2008-09-05
CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.
Max CVSS
5.0
EPSS Score
4.82%
Published
2004-10-20
Updated
2017-10-11
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.
Max CVSS
10.0
EPSS Score
76.10%
Published
2004-08-06
Updated
2018-05-03
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.
Max CVSS
5.0
EPSS Score
93.08%
Published
2004-08-06
Updated
2018-05-03
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
Max CVSS
10.0
EPSS Score
93.35%
Published
2004-08-06
Updated
2018-05-03
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
Max CVSS
10.0
EPSS Score
1.63%
Published
2004-08-06
Updated
2018-05-03
CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.
Max CVSS
5.0
EPSS Score
1.10%
Published
2004-06-01
Updated
2017-10-11
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.
Max CVSS
7.5
EPSS Score
97.02%
Published
2004-06-14
Updated
2017-10-11
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
Max CVSS
2.6
EPSS Score
0.92%
Published
2004-06-01
Updated
2018-05-03
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
Max CVSS
7.5
EPSS Score
0.95%
Published
2004-01-05
Updated
2017-10-11
11 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!