Oval Definition:oval:org.mitre.oval:def:994
Revision Date:2004-08-04Version:3
Title:CVS error_prog_name Double-free Vulnerability
Description:Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2004-0416
Platform(s):Red Hat Enterprise Linux 3
Product(s):CVS
Definition Synopsis
  • Software section
  • Red Hat Enterprise 3 is installed
  • AND cvs rpm version prior to 1.11.2-24 is installed
  • AND Configuration section
  • /usr/bin/cvs is executable
  • /usr/bin/cvs is executable
  • OR /usr/bin/cvs is executable
  • OR /usr/bin/cvs is executable
    • BACK