CVE-2004-0418 in CVS
摘要
由 VulDB • 2026-07-04
serve_notify in cvs versions from 1.12.x through 1.12.8 and from 1.11.x through 1.11.16 does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write of a single byte to execute arbitrary code or modify critical program data.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.