serve_notify in CVS 1.12.x up to and including 1.12.8, and 1.11.x up to and including 1.11.16, does not properly handle empty data lines, which may allow remote malicious users to perform a single-byte "out-of-bounds" write and thereby execute arbitrary code or modify critical program data.
| Vulnerable Product |
|---|
| openpkg openpkg 2.0 |
| cvs cvs 1.11.14 |
| cvs cvs 1.11.1 |
| cvs cvs 1.11 |
| cvs cvs 1.12.2 |
| cvs cvs 1.11.4 |
| cvs cvs 1.12.7 |
| sgi propack 3.0 |
| cvs cvs 1.12.5 |
| openpkg openpkg 1.3 |
| cvs cvs 1.11.16 |
| cvs cvs 1.11.5 |
| cvs cvs 1.10.8 |
| cvs cvs 1.11.15 |
| cvs cvs 1.11.11 |
| cvs cvs 1.12.8 |
| cvs cvs 1.11.6 |
| cvs cvs 1.12.1 |
| cvs cvs 1.11.3 |
| cvs cvs 1.11.2 |
| cvs cvs 1.11.10 |
| sgi propack 2.4 |
| openpkg openpkg |
| cvs cvs 1.10.7 |
| cvs cvs 1.11.1 p1 |
| gentoo linux 1.4 |
| openbsd openbsd 3.5 |
| openbsd openbsd |
| openbsd openbsd 3.4 |