|
|
CVE Reference: CVE-2004-0413 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-0413 |
|
|
Description: libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/16396 SUSE http://www.novell.com/linux/security/advisories/2004_18_subversion.html GENTOO http://www.gentoo.org/security/en/glsa/glsa-200406-07.xml FEDORA http://www.securityfocus.com/advisories/6847 CONFIRM http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt BUGTRAQ http://www.securityfocus.com/archive/1/365836 BID 10519 |
|
| Return to the previous page. |
