| Description: |
From the Red Hat bugzilla:
An array index error, leading to heap-based buffer overflow was found
in the way CVS version control system applied certain delta fragments
changes from input file in the RCS (Revision Control System file)
format. A local attacker could store a specially-crafted RCS file into
the CVS repository and trick the remote victim to checkout (update their
CVS repository tree) with this file, which could lead to arbitrary code
execution with the privileges of the user running cvs client executable.
|
