CVE-2010-3846
CVE-2010-3846
Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://cvs.savannah.gnu.org/viewvc/cvs/ccvs/src/rcs.c?r1=1.262.4.65&r2=1.262.4.66&sortby=revhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/050212.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/050287.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2010-October/050090.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=642146http://secunia.com/advisories/41079http://secunia.com/advisories/42041http://secunia.com/advisories/42409https://exchange.xforce.ibmcloud.com/vulnerabilities/62858http://www.osvdb.org/68952http://www.redhat.com/support/errata/RHSA-2010-0918.htmlhttp://www.securityfocus.com/bid/44528