Lucene search

[email protected]CVE-2004-1471

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-1471

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2004

1471

vulnerability

format string

cvs

denial of service

code execution

7.8 High

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.1%

JSON

Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.

CPENameOperatorVersion
openpkg:openpkgopenpkgeq2.0
cvs:cvscvseq1.11.14
cvs:cvscvseq1.11.1
cvs:cvscvseq1.11
cvs:cvscvseq1.12.2
cvs:cvscvseq1.11.4
cvs:cvscvseq1.12.7
sgi:propacksgi propackeq3.0
cvs:cvscvseq1.12.5
openpkg:openpkgopenpkgeq1.3

CPE	Name	Operator	Version
openpkg:openpkg	openpkg	eq	2.0
cvs:cvs	cvs	eq	1.11.14
cvs:cvs	cvs	eq	1.11.1
cvs:cvs	cvs	eq	1.11
cvs:cvs	cvs	eq	1.12.2
cvs:cvs	cvs	eq	1.11.4
cvs:cvs	cvs	eq	1.12.7
sgi:propack	sgi propack	eq	3.0
cvs:cvs	cvs	eq	1.12.5
openpkg:openpkg	openpkg	eq	1.3

Rows per page:

1-10 of 681

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc

lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html

security.e-matters.de/advisories/092004.html

www.securityfocus.com/bid/10499

exchange.xforce.ibmcloud.com/vulnerabilities/16365

7.8 High

AI Score

Confidence

High

7.1 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

0.014 Low

EPSS

Percentile

86.1%

JSON

Related for CVE-2004-1471

debiancve1 nessus3