Skip to main content

CVE-2004-1471

Severity High
Score 7.1/10

Summary

Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.

  • HIGH
  • NETWORK
  • SINGLE
  • COMPLETE
  • COMPLETE
  • COMPLETE

References

Advisory Timeline

  • Published