CVE-2004-0397

NONE EPSS 99.5%
Published Jul 7, 200422y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jul 7, 2004 22y ago
Last Modified Jun 16, 2026 2w ago

Description

Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command.

Threat Intelligence

EPSS Exploit Probability
99.5% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Affected Products 3

VendorProductVersionRange
subversionsubversion1.0any
subversionsubversion1.0.1any
subversionsubversion1.0.2any

References 13

Remediation

  • securityfocus.com http://www.securityfocus.com/archive/1/363814
    PatchVendor Advisory
  • securityfocus.com http://www.securityfocus.com/bid/10386
    ExploitPatchVendor Advisory