NuytsTech Security

CVE-2010-3846

by ·

Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow.

Date published : 2010-11-05

http://www.securityfocus.com/bid/44528

http://cvs.savannah.gnu.org/viewvc/cvs/ccvs/src/rcs.c?r1=1.262.4.65&r2=1.262.4.66&sortby=rev

Tags: