The MITRE CVE dictionary describes this issue as:
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
Red Hat security errata
|Red Hat Enterprise Linux version 2.1 (cvs)||RHSA-2004:233||June 09, 2004|
|Red Hat Enterprise Linux version 3 (cvs)||RHSA-2004:233||June 09, 2004|
Red Hat would like to thank Derek Price for auditing, disclosing, and providing a patch for this issue.
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.