CVE-2004-0396

EPSS 86.79%
Published 14.06.2004 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.

Affected products Warnungen 0 Metrics 2 CWE 0 References 31

Data is provided by the National Vulnerability Database (NVD)

Cvs ≫ Cvs Version1.11

Cvs ≫ Cvs Version1.12

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	86.79%	0.994

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://marc.info/?l=bugtraq&m=108636445031613&w=2

ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2004-008.txt.asc

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:10.cvs.asc

http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0980.html

http://cert.uni-stuttgart.de/archive/bugtraq/2004/05/msg00219.html

http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021742.html

http://marc.info/?l=bugtraq&m=108498454829020&w=2

http://marc.info/?l=bugtraq&m=108500040719512&w=2

http://marc.info/?l=openbsd-security-announce&m=108508894405639&w=2

http://secunia.com/advisories/11641

http://secunia.com/advisories/11647

http://secunia.com/advisories/11651

http://secunia.com/advisories/11652

http://secunia.com/advisories/11674

http://security.e-matters.de/advisories/072004.html

http://security.gentoo.org/glsa/glsa-200405-12.xml

http://www.ciac.org/ciac/bulletins/o-147.shtml

http://www.debian.org/security/2004/dsa-505

Patch

Vendor Advisory

http://www.kb.cert.org/vuls/id/192038

Patch

Third Party Advisory

US Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2004:048

http://www.osvdb.org/6305

http://www.redhat.com/support/errata/RHSA-2004-190.html

Patch

Vendor Advisory

http://www.securityfocus.com/bid/10384

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.395865

http://www.us-cert.gov/cas/techalerts/TA04-147A.html

US Government Resource

https://exchange.xforce.ibmcloud.com/vulnerabilities/16193

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9058

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A970

https://nvd.nist.gov/vuln/detail/CVE-2004-0396

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-0396

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-0396

EUVD