Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.
No CVSS v3.1
No CVSS v3.0
Access Vector Network
Access Complexity High
Authentication Single
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
AV:N/AC:H/Au:S/C:C/I:C/A:C
Vendors | Products |
---|---|
Openbsd |
|
Cvs |
|
Gentoo |
|
Freebsd |
|
Openpkg |
|
Sgi |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-02-13T05:00:00
Updated: 2017-07-10T14:57:01
Reserved: 2005-02-13T00:00:00
Link: CVE-2004-1471
JSON object: View
NVD Information
Status : Modified
Published: 2004-12-31T05:00:00.000
Modified: 2017-07-11T01:31:03.747
Link: CVE-2004-1471
JSON object: View
Redhat Information
No data.
CWE