CVE-2004-0413

NONE EPSS 92.3%
Published Aug 6, 200421y ago · Modified Jun 16, 20262w ago
Find Similar
Published Aug 6, 2004 21y ago
Last Modified Jun 16, 2026 2w ago

Description

libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow.

Threat Intelligence

EPSS Exploit Probability
92.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 7

VendorProductVersionRange
openpkgopenpkg*any
openpkgopenpkg2.0any
subversionsubversion1.0any
subversionsubversion1.0.1any
subversionsubversion1.0.2any
subversionsubversion1.0.3any
subversionsubversion1.0.4any

References 8

Remediation