CVE-2004-0397

Name of the Vulnerable Software and Affected Versions Subversion versions prior to 1.0.2

Description The issue allows remote attackers to execute arbitrary code, potentially leading to a breach of confidentiality, integrity, and availability of protected information. This can be achieved through a stack-based buffer overflow during the apr time t data conversion, specifically via a DAV2 REPORT query or get-dated-rev svn-protocol command.

Recommendations For Subversion versions prior to 1.0.2, update to a version later than 1.0.2 to resolve the issue. As a temporary workaround, consider restricting access to the DAV2 REPORT query and get-dated-rev svn-protocol command to minimize the risk of exploitation.