CVE-2005-2693

NONE EPSS 35.5%
Published Aug 26, 200520y ago · Modified Jun 16, 20262w ago
Find Similar
Published Aug 26, 2005 20y ago
Last Modified Jun 16, 2026 2w ago

Description

cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack.

Threat Intelligence

EPSS Exploit Probability
35.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 1

VendorProductVersionRange
cvscvs1.12.12any

References 9

  • ftp.freebsd.org ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:20.cvsbug.asc
  • secunia.com http://secunia.com/advisories/16765
  • securitytracker.com http://securitytracker.com/id?1014857
  • debian.org http://www.debian.org/security/2005/dsa-802
  • debian.org http://www.debian.org/security/2005/dsa-806
  • redhat.com http://www.redhat.com/support/errata/RHSA-2005-756.html
  • vupen.com http://www.vupen.com/english/advisories/2005/1667
  • bugzilla.redhat.com https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166366
    Patch
  • oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10835

Remediation