PublicDate: 2004-08-06 04:00:00 UTC
Candidate: CVE-2004-0418
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0418
Description:
 serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does
 not properly handle empty data lines, which may allow remote attackers to
 perform an "out-of-bounds" write for a single byte to execute arbitrary
 code or modify critical program data.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_cvs: released (1.12.9-17)
edgy_cvs: released (1.12.9-17)
feisty_cvs: released (1.12.9-17)
devel_cvs: released (1.12.9-17)
upstream_cvs: needs-triage