Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cvs cvs 1.11 |
||
cvs cvs 1.12 |