CVE-2004-0418 in CVSinfo

Summary

serve_notify in cvs 1.12.x through 1.12.8 and 1.11.x through 1.11.16 does not properly handle empty data lines which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

04/16/2004

Disclosure

08/06/2004

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-119

Exploit

Download

CVSS

10.0

EPSS

0.14279

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-0418
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0418
CVE Details	https://www.cvedetails.com/cve/CVE-2004-0418/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!