Oval Definition:
oval:org.mitre.oval:def:23565
Revision Date
:
2014-05-26
Version
:
15
Title
:
ELSA-2012:0321: cvs security update (Moderate)
Description
:
Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.
Family
:
unix
Class
:
patch
Status
:
ACCEPTED
Reference(s)
:
CVE-2012-0804
ELSA-2012:0321-01
Platform(s)
:
Oracle Linux 5
Oracle Linux 6
Product(s)
:
cvs
Definition Synopsis
rpm test
Oracle Linux 5.x
AND
rpm test
cvs-inetd is earlier than 0:1.11.22-11.el5_8.1
OR
cvs is earlier than 0:1.11.22-11.el5_8.1
OR
rpm test
cvs is earlier than 0:1.11.23-11.el6_2.1
AND
Oracle Linux 6.x
BACK