First published: Fri Apr 16 2004(Updated: )
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Cvs Cvs | <=1.10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.