PT-2004-2382 · Cvs · Cvs
Published: 2004-12-31 · Updated: 2017-07-11
CVE-2004-1471
CVSS v2.0: 7.1 (High)
Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
CVS versions 1.11.x through 1.11.16
CVS versions 1.12.x through 1.12.8
Description:
The issue allows remote attackers with CVSROOT commit access to cause a denial of service, potentially crashing the application, and possibly to execute arbitrary code. The attack works by placing format string specifiers in a wrapper line.
Recommendations:
For CVS versions 1.11.x through 1.11.16, update to a version outside of this range to resolve the issue.
For CVS versions 1.12.x through 1.12.8, update to a version outside of this range to resolve the issue.
As a temporary workaround, consider restricting access to the wrapper line in wrapper.c to minimize the risk of exploitation.
Affected products:
Cvs