Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.
Max CVSS
10.0
EPSS Score
0.75%
Published
2012-05-29
Updated
2023-02-13
cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack.
Max CVSS
4.6
EPSS Score
0.05%
Published
2005-08-26
Updated
2017-10-11
Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
84.77%
Published
2005-04-18
Updated
2017-10-11
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.
Max CVSS
7.1
EPSS Score
1.37%
Published
2004-12-31
Updated
2017-07-11
CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).
Max CVSS
5.0
EPSS Score
0.22%
Published
2004-12-31
Updated
2008-09-05
CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method.
Max CVSS
7.5
EPSS Score
0.55%
Published
2005-04-27
Updated
2008-09-05
CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.
Max CVSS
5.0
EPSS Score
4.82%
Published
2004-10-20
Updated
2017-10-11
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.
Max CVSS
10.0
EPSS Score
76.10%
Published
2004-08-06
Updated
2018-05-03
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.
Max CVSS
5.0
EPSS Score
93.08%
Published
2004-08-06
Updated
2018-05-03
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
Max CVSS
10.0
EPSS Score
93.35%
Published
2004-08-06
Updated
2018-05-03
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
Max CVSS
10.0
EPSS Score
1.63%
Published
2004-08-06
Updated
2018-05-03
CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.
Max CVSS
5.0
EPSS Score
1.10%
Published
2004-06-01
Updated
2017-10-11
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.
Max CVSS
7.5
EPSS Score
97.02%
Published
2004-06-14
Updated
2017-10-11
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
Max CVSS
7.5
EPSS Score
0.95%
Published
2004-01-05
Updated
2017-10-11
Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.
Max CVSS
7.5
EPSS Score
29.55%
Published
2003-02-07
Updated
2018-05-03
CVS before 1.10.8 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (server crash) via the diff capability.
Max CVSS
5.0
EPSS Score
0.98%
Published
2002-03-15
Updated
2016-10-18
The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with the Checkin.prog or Update.prog names, then performing a CVS commit action.
Max CVSS
7.2
EPSS Score
0.05%
Published
2000-10-20
Updated
2008-09-05
17 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!