CVE-2004-0416

EPSS 40.6%

cvs - several vulnerabilities

Published: 8/6/2004Modified: 4/28/2026

Description

Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.

Affected packages (2)

Debian/cvsfrom 0, < 1:1.12.9-1
Debian/cvsfrom 0, < 1.11.1p1debian-9woody7

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-0416