CVE-2005-2693
NONE EPSS 35.5%
Published Aug 26, 200520y ago · Modified Jun 16, 20262w ago
Published Aug 26, 2005 20y ago
Last Modified Jun 16, 2026 2w ago
Description
cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack.
Threat Intelligence
EPSS Exploit Probability
35.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| cvs | cvs | 1.12.12 | any |
References 9
- ftp.freebsd.org ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:20.cvsbug.asc
- secunia.com http://secunia.com/advisories/16765
- securitytracker.com http://securitytracker.com/id?1014857
- debian.org http://www.debian.org/security/2005/dsa-802
- debian.org http://www.debian.org/security/2005/dsa-806
- redhat.com http://www.redhat.com/support/errata/RHSA-2005-756.html
- vupen.com http://www.vupen.com/english/advisories/2005/1667
- bugzilla.redhat.com https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166366
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10835
Remediation
- bugzilla.redhat.com https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166366