CVE Database


Impact: Critical
Public: 2004-06-09


The MITRE CVE dictionary describes this issue as:

CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.

Find out more about CVE-2004-0414 from the MITRE CVE dictionary and NIST NVD.

Red Hat security errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 (cvs) RHSA-2004:233 June 09, 2004
Red Hat Enterprise Linux version 3 (cvs) RHSA-2004:233 June 09, 2004

External References


Red Hat would like to thank Derek Price for auditing, disclosing, and providing a patch for this issue.

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.