What is CVE-2004-0396?

CVE-2004-0396 is a vulnerability in N/a. Published 2004-05-20.

Is CVE-2004-0396 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2004-0396

Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.

EPSS: 0.866 (99.4th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

11641 (x_refsource_SECUNIA, third-party-advisory)
11652 (x_refsource_SECUNIA, third-party-advisory)
oval:org.mitre.oval:def:970 (signature, x_refsource_OVAL, vdb-entry)
20040519 [OpenPKG-SA-2004.022] OpenPKG Security Advisory (cvs) (mailing-list, x_refsource_BUGTRAQ)
oval:org.mitre.oval:def:9058 (signature, x_refsource_OVAL, vdb-entry)
MDKSA-2004:048 (vendor-advisory, x_refsource_MANDRAKE)
20040519 Advisory 07/2004: CVS remote vulnerability (mailing-list, x_refsource_BUGTRAQ)
20040520 cvs server buffer overflow vulnerability (vendor-advisory, x_refsource_OPENBSD)
RHSA-2004:190 (x_refsource_REDHAT, vendor-advisory)
11674 (x_refsource_SECUNIA, third-party-advisory)

Frequently asked questions

What is CVE-2004-0396?: CVE-2004-0396 is a vulnerability in N/a. Published 2004-05-20.
Is CVE-2004-0396 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.