Vulnerabilities > CVS
|2012-05-29||CVE-2012-0804|| Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in CVS 1.11/1.12 |
Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.
| 10.0 |
|2005-08-26||CVE-2005-2693|| Unspecified vulnerability in CVS 1.12.12 |
cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack.
| 4.6 |
|2005-04-27||CVE-2004-1342|| Unspecified vulnerability in CVS |
CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method.
| 7.5 |
|2005-04-18||CVE-2005-0753|| Unspecified vulnerability in CVS |
Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.
| 7.5 |
|2004-12-31||CVE-2004-1471|| Multiple vulnerability in CVS |
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.
| 7.1 |
|2004-12-31||CVE-2004-1343|| Unspecified vulnerability in CVS |
CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).
| 5.0 |
|2004-10-20||CVE-2004-0778|| Information Disclosure vulnerability in CVS Undocumented History Flag |
CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.
| 5.0 |
|2004-08-06||CVE-2004-0418||serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.|| 10.0 |
|2004-08-06||CVE-2004-0417||Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.|| 5.0 |
|2004-08-06||CVE-2004-0416|| Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products |
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
| 10.0 |