CVE-2004-0416

CVS <1.12.8/<1.11.16 - Memory Corruption

Title source: llm

Description

Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Gyan Chawdhary · cremotelinux

https://www.exploit-db.com/exploits/392

View Code ZIP pw:eip

References (11)

[Patch, Vendor Advisory] http://www.debian.org/security/2004/dsa-519

[Various Sources] http://security.e-matters.de/advisories/092004.html

[Vendor Advisory] ftp://patches.sgi.com/support/free/security/advisories/20040605-01-U.asc

[Mailing List] http://marc.info/?l=bugtraq&m=108716553923643&w=2

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10070

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2004-233.html

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDKSA-2004:058

[Third Party Advisory] http://security.gentoo.org/glsa/glsa-200406-06.xml

[Vendor Advisory] ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A994

[Mailing List] http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html

Scores

EPSS 0.4061

EPSS Percentile 97.4%

Details

CWE

CWE-119

Status published

Products (29)

cvs/cvs 1.10.7

cvs/cvs 1.10.8

cvs/cvs 1.11

cvs/cvs 1.11.1

cvs/cvs 1.11.1_p1

cvs/cvs 1.11.2

cvs/cvs 1.11.3

cvs/cvs 1.11.4

cvs/cvs 1.11.5

cvs/cvs 1.11.6

... and 19 more

Published Aug 06, 2004

Tracked Since Feb 18, 2026