CVE-2004-0418

EPSS 14.3%

發布日:2004/8/6修改日:2026/4/28

描述

serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.

受影響套件(1)

Debian/cvsfrom 0, < 1:1.12.9-1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-0418