CVE-2004-0397

Published: May 28, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

10386

vdb-entry

x_refsource_BID

FLSA:1748

vendor-advisory

x_refsource_FEDORA

20040519 Advisory 08/2004: Subversion remote vulnerability

mailing-list

x_refsource_FULLDISC

http://subversion.tigris.org/svn-sscanf-advisory.txt

x_refsource_CONFIRM

20040519 Advisory 08/2004: Subversion remote vulnerability

mailing-list

x_refsource_BUGTRAQ

20040519 [OpenPKG-SA-2004.023] OpenPKG Security Advisory (subversion)

mailing-list

x_refsource_BUGTRAQ

FEDORA-2004-128

vendor-advisory

x_refsource_FEDORA

GLSA-200405-14

vendor-advisory

x_refsource_GENTOO

6301

vdb-entry

x_refsource_OSVDB

11675

third-party-advisory

x_refsource_SECUNIA

subversion-date-parsing-command-execution(16191)

vdb-entry

x_refsource_XF

http://security.e-matters.de/advisories/082004.html

x_refsource_MISC

11642

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2004-0397

Description

Affected Products

References