CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.
References
Link | Resource |
---|---|
http://www.idefense.com/application/poi/display?id=130&type=vulnerabilities | Broken Link Vendor Advisory |
http://www.kb.cert.org/vuls/id/579225 | Patch Third Party Advisory US Government Resource |
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:108 | Broken Link |
http://www.securityfocus.com/bid/10955 | Broken Link Patch Third Party Advisory VDB Entry Vendor Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/17001 | Third Party Advisory VDB Entry |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10688 | Broken Link |
Configurations
History
14 Feb 2024, 15:07
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:cvs:cvs:1.11.15:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.11.2:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.10.7:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.11.1_p1:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.11.11:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.12.8:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.11.14:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.11.5:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.11.16:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.11.1:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.12.7:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.12.2:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.12.5:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.11.6:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.10.6:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.12.1:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.11.10:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.10.8:*:*:*:*:*:*:* cpe:2.3:a:cvs:cvs:1.11.3:*:*:*:*:*:*:* |
cpe:2.3:a:gnu:cvs:*:*:*:*:*:*:*:* |
References | (MANDRAKE) http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:108 - Broken Link | |
References | (BID) http://www.securityfocus.com/bid/10955 - Broken Link, Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
References | (IDEFENSE) http://www.idefense.com/application/poi/display?id=130&type=vulnerabilities - Broken Link, Vendor Advisory | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/17001 - Third Party Advisory, VDB Entry | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10688 - Broken Link | |
CWE | CWE-203 | |
First Time |
Gnu cvs
Gnu |
Information
Published : 2004-10-20 04:00
Updated : 2024-02-28 10:24
NVD link : CVE-2004-0778
Mitre link : CVE-2004-0778
CVE.ORG link : CVE-2004-0778
JSON object : View
Products Affected
gnu
- cvs
CWE
CWE-203
Observable Discrepancy