CVE-2012-4465

2012-10-10T18:55:00
ID CVE-2012-4465
Type cve
Reporter cve@mitre.org
Modified 2013-01-30T04:54:00

Description

Heap-based buffer overflow in the substr function in parsing.c in cgit 0.9.0.3 and earlier allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via an empty username in the "Author" field in a commit.