Vulnerability in Cvs
CVE-2004-1471
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via f…
EPSS: 0.077 (93.9th percentile) — read the EPSS interpretation.
Affected products
- Cvs — versions 1.10.7, 1.10.8, 1.11
- Freebsd — versions 1.1.5.1, 2.0, 2.0.5
- Gentoo Linux — versions 1.4
- Openbsd — versions 3.4, 3.5, current
- Openpkg — versions 1.3, 2.0, current
- Sgi Propack — versions 2.4, 3.0
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (Vendor Advisory, mailing-list, x_refsource_FULLDISC)