PT-2004-1553 · Cvs · Cvs

Publicado

2004-06-11

Atualizado

2018-05-03

CVE-2004-0414

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions CVS versions 1.11.x through 1.11.16 CVS versions 1.12.x through 1.12.8

Description The issue arises from the improper handling of malformed "Entry" lines, which can prevent a NULL terminator from being used. This may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.

Recommendations For CVS versions 1.11.x through 1.11.16, update to a version that properly handles malformed "Entry" lines to prevent potential crashes or code execution. For CVS versions 1.12.x through 1.12.8, update to a version that properly handles malformed "Entry" lines to prevent potential crashes or code execution.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2004-0414

DSA-517

RHSA-2004:233

Produtos afetados

Cvs

PT-2004-1553 · Cvs · Cvs

CVE-2004-0414

Identificadores relacionados

Produtos afetados

Referências · 15