3 matches found
cvs: Heap-based buffer overflow by applying RCS file changes
Array index error in the applyrcschange function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow...
DEBIAN-CVE-2005-2693
cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack...
DEBIAN-CVE-2004-0417
Integer overflow in the "Max-dotdot" CVS protocol command servemaxdotdot for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space...