
CVE-2012-0804

Status Candidate

Overview

Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.

Related Files

Gentoo Linux Security Advisory 201701-44
Posted Jan 20, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-44 - A heap-based buffer overflow in CVS might allow remote attackers to execute arbitrary code. Versions less than 1.12.12-r11 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2012-0804
SHA-256 | 71c9c3e5dca8cfd1d4536c96814d73f9b18d733595f8c2d555c62d5e873f9a56

Mandriva Linux Security Advisory 2012-044
Posted Mar 30, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-044 - A vulnerability has been found and corrected in cvs. A heap-based buffer overflow flaw was found in the way the CVS client handled responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the user running the CVS client. The updated packages have been patched to correct this issue.

tags | advisory, web, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-0804
SHA-256 | 891ba05686fa17391e069c49ba48e6a0ad5b0eba8fc97db8070e0ddf441eeff7

Ubuntu Security Notice USN-1371-1
Posted Feb 23, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1371-1 - It was discovered that cvs incorrectly handled certain responses from proxy servers. If a user were tricked into connecting to a malicious proxy server, a remote attacker could cause cvs to crash, or possibly execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-0804
SHA-256 | 456195625d6524c03923a1457d002d80445f9f034e991f9bbf3bbe3eb73ae6a5

Red Hat Security Advisory 2012-0321-01
Posted Feb 22, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0321-01 - Concurrent Version System is a version control system that can record the history of your files. A heap-based buffer overflow flaw was found in the way the CVS client handled responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the user running the CVS client. All users of cvs are advised to upgrade to these updated packages, which contain a patch to correct this issue.

tags | advisory, web, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-0804
SHA-256 | 286bd54779b5c16c26d69ad0f13809a6a3ffda1eb265fbfeaf74bff12f263554

Debian Security Advisory 2407-1
Posted Feb 10, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2407-1 - It was discovered that a malicious CVS server could cause a heap overflow in the CVS client, potentially allowing the server to execute arbitrary code on the client.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2012-0804
SHA-256 | 1489ddea367ba0fd14946999e8941cbabe33fe51ca09e8d921dea8e46f7770df

© 2024 Packet Storm. All rights reserved.
