CVE-2004-0396

EPSS 86.6%

cvs - heap overflow

Published: 6/14/2004Modified: 4/28/2026

Description

Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.

Affected packages (2)

Debian/cvsfrom 0, < 1:1.12.5-6
Debian/cvsfrom 0, < 1.11.1p1debian-9woody4

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-0396