CVS.Argumentx.Command.Double.Free.Heap.Corruption
Description
CVS (Concurrent Versions System) has a double free vulnerability. An attacker can exploit it with the command "Argumentx" without any arguments. This issue may allow remote attackers to execute arbitrary code.
Affected Products
CVS (Concurrent Versions System) 1.11.16 and earlier.
CVS (Concurrent Versions System) 1.12.8 and earlier.
Impact
System compromise: possible remote code execution.
Recommended Actions
Upgrade to the latest version, available from Web site:
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |