CVE-2004-0413 in Subversioninfo

Summary

libsvn_ra_svn in subversion 1.0.4 trusts the length field of (1) svn:// (2) svn+ssh:// and (3) other svn protocol url strings which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

04/16/2004

Disclosure

08/06/2004

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-122 (Confirmed)

CVSS

10.0

EPSS

0.10823

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-0413
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0413
CVE Details	https://www.cvedetails.com/cve/CVE-2004-0413/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!