| Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2004-0778 | 5.0 |
CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.
|
14-02-2024 - 15:07 | 20-10-2004 - 04:00 | |
| CVE-2004-0416 | 10.0 |
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
|
03-05-2018 - 01:29 | 06-08-2004 - 04:00 | |
| CVE-2004-0414 | 10.0 |
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary
|
03-05-2018 - 01:29 | 06-08-2004 - 04:00 | |
| CVE-2004-0418 | 10.0 |
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical prog
|
03-05-2018 - 01:29 | 06-08-2004 - 04:00 | |
| CVE-2004-0417 | 5.0 |
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consu
|
03-05-2018 - 01:29 | 06-08-2004 - 04:00 |