CVE-2004-0180
EPSS 4.2%cvs - several vulnerabilities
Published: 6/1/2004Modified: 4/28/2026
Also known as:DEBIAN-CVE-2004-0180
Description
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
Affected packages (2)
- Debian/cvsfrom 0, < 1:1.12.5-4
- Debian/cvsfrom 0, < 1.11.1p1debian-9woody2