CVE-2004-0414
EPSS 5.3%cvs - buffer overflow
Published: 8/6/2004Modified: 4/28/2026
Also known as:DEBIAN-CVE-2004-0414
Description
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
Affected packages (2)
- Debian/cvsfrom 0, < 1:1.12.9-1
- Debian/cvsfrom 0, < 1.11.1p1debian-9woody6