CVE-2004-1471
NONE EPSS 93.9%
Published Dec 31, 200421y ago · Modified Jun 16, 20262w ago
Published Dec 31, 2004 21y ago
Last Modified Jun 16, 2026 2w ago
Description
Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.
Threat Intelligence
EPSS Exploit Probability
93.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 111
| Vendor | Product | Version | Range |
|---|---|---|---|
| cvs | cvs | 1.10.7 | any |
| cvs | cvs | 1.10.8 | any |
| cvs | cvs | 1.11 | any |
| cvs | cvs | 1.11.1 | any |
| cvs | cvs | 1.11.1_p1 | any |
| cvs | cvs | 1.11.2 | any |
| cvs | cvs | 1.11.3 | any |
| cvs | cvs | 1.11.4 | any |
| cvs | cvs | 1.11.5 | any |
| cvs | cvs | 1.11.6 | any |
| cvs | cvs | 1.11.10 | any |
| cvs | cvs | 1.11.11 | any |
| cvs | cvs | 1.11.14 | any |
| cvs | cvs | 1.11.15 | any |
| cvs | cvs | 1.11.16 | any |
| cvs | cvs | 1.12.1 | any |
| cvs | cvs | 1.12.2 | any |
| cvs | cvs | 1.12.5 | any |
| cvs | cvs | 1.12.7 | any |
| cvs | cvs | 1.12.8 | any |
| openpkg | openpkg | 1.3 | any |
| openpkg | openpkg | 2.0 | any |
| openpkg | openpkg | current | any |
| sgi | propack | 2.4 | any |
| sgi | propack | 3.0 | any |
| freebsd | freebsd | 1.1.5.1 | any |
| freebsd | freebsd | 2.0 | any |
| freebsd | freebsd | 2.0.5 | any |
| freebsd | freebsd | 2.1.0 | any |
| freebsd | freebsd | 2.1.5 | any |
| freebsd | freebsd | 2.1.6 | any |
| freebsd | freebsd | 2.1.6.1 | any |
| freebsd | freebsd | 2.1.7.1 | any |
| freebsd | freebsd | 2.2 | any |
| freebsd | freebsd | 2.2.2 | any |
| freebsd | freebsd | 2.2.3 | any |
| freebsd | freebsd | 2.2.4 | any |
| freebsd | freebsd | 2.2.5 | any |
| freebsd | freebsd | 2.2.6 | any |
| freebsd | freebsd | 2.2.8 | any |
| freebsd | freebsd | 3.0 | any |
| freebsd | freebsd | 3.0 | any |
| freebsd | freebsd | 3.1 | any |
| freebsd | freebsd | 3.2 | any |
| freebsd | freebsd | 3.3 | any |
| freebsd | freebsd | 3.4 | any |
| freebsd | freebsd | 3.5 | any |
| freebsd | freebsd | 3.5 | any |
| freebsd | freebsd | 3.5.1 | any |
| freebsd | freebsd | 3.5.1 | any |
| freebsd | freebsd | 3.5.1 | any |
| freebsd | freebsd | 4.0 | any |
| freebsd | freebsd | 4.0 | any |
| freebsd | freebsd | 4.0 | any |
| freebsd | freebsd | 4.1 | any |
| freebsd | freebsd | 4.1.1 | any |
| freebsd | freebsd | 4.1.1 | any |
| freebsd | freebsd | 4.1.1 | any |
| freebsd | freebsd | 4.2 | any |
| freebsd | freebsd | 4.2 | any |
| freebsd | freebsd | 4.3 | any |
| freebsd | freebsd | 4.3 | any |
| freebsd | freebsd | 4.3 | any |
| freebsd | freebsd | 4.3 | any |
| freebsd | freebsd | 4.3 | any |
| freebsd | freebsd | 4.4 | any |
| freebsd | freebsd | 4.4 | any |
| freebsd | freebsd | 4.4 | any |
| freebsd | freebsd | 4.4 | any |
| freebsd | freebsd | 4.5 | any |
| freebsd | freebsd | 4.5 | any |
| freebsd | freebsd | 4.5 | any |
| freebsd | freebsd | 4.5 | any |
| freebsd | freebsd | 4.5 | any |
| freebsd | freebsd | 4.6 | any |
| freebsd | freebsd | 4.6 | any |
| freebsd | freebsd | 4.6 | any |
| freebsd | freebsd | 4.6 | any |
| freebsd | freebsd | 4.6 | any |
| freebsd | freebsd | 4.6.2 | any |
| freebsd | freebsd | 4.7 | any |
| freebsd | freebsd | 4.7 | any |
| freebsd | freebsd | 4.7 | any |
| freebsd | freebsd | 4.7 | any |
| freebsd | freebsd | 4.7 | any |
| freebsd | freebsd | 4.8 | any |
| freebsd | freebsd | 4.8 | any |
| freebsd | freebsd | 4.8 | any |
| freebsd | freebsd | 4.8 | any |
| freebsd | freebsd | 4.9 | any |
| freebsd | freebsd | 4.9 | any |
| freebsd | freebsd | 4.9 | any |
| freebsd | freebsd | 4.10 | any |
| freebsd | freebsd | 4.10 | any |
| freebsd | freebsd | 4.10 | any |
| freebsd | freebsd | 5.0 | any |
| freebsd | freebsd | 5.0 | any |
| freebsd | freebsd | 5.0 | any |
| freebsd | freebsd | 5.0 | any |
| freebsd | freebsd | 5.1 | any |
| freebsd | freebsd | 5.1 | any |
| freebsd | freebsd | 5.1 | any |
| freebsd | freebsd | 5.1 | any |
| freebsd | freebsd | 5.1 | any |
| freebsd | freebsd | 5.2 | any |
| freebsd | freebsd | 5.2.1 | any |
| freebsd | freebsd | 5.2.1 | any |
| gentoo | linux | 1.4 | any |
| openbsd | openbsd | 3.4 | any |
| openbsd | openbsd | 3.5 | any |
| openbsd | openbsd | current | any |
References 5
- ftp.freebsd.org ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:14.cvs.asc
- lists.grok.org.uk http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022441.html
- security.e-matters.de http://security.e-matters.de/advisories/092004.html
- securityfocus.com http://www.securityfocus.com/bid/10499
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/16365
Remediation
- securityfocus.com http://www.securityfocus.com/bid/10499