Download
| Alert*
oval:org.secpod.oval:def:2101172
A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim"s machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim co ... oval:org.secpod.oval:def:89044579 This update for cvs fixes the following issues: - CVE-2017-12836: A leading dash in the argument of the quot;-dquot; option could lead to argument injection oval:org.secpod.oval:def:89044562 This update for cvs fixes the following issues: - CVE-2017-12836: A leading dash in the argument of the quot;-dquot; option could lead to argument injection oval:org.secpod.oval:def:603048 It was discovered that CVS, a centralised version control system, did not correctly handle maliciously constructed repository URLs, which allowed an attacker to run an arbitrary shell command. oval:org.secpod.oval:def:113104 CVS is a version control system that can record the history of your files . CVS only stores the differences between versions, instead of every version of every file you have ever created. CVS also keeps a log of who, when, and why changes occurred. CVS is very helpful for managing releases and cont ... oval:org.secpod.oval:def:113100 CVS is a version control system that can record the history of your files . CVS only stores the differences between versions, instead of every version of every file you have ever created. CVS also keeps a log of who, when, and why changes occurred. CVS is very helpful for managing releases and cont ... oval:org.secpod.oval:def:51882 cvs: Concurrent Versions System cvs could be made run programs as your login if it opened a specially crafted cvs repository. oval:org.secpod.oval:def:53114 It was discovered that CVS, a centralised version control system, did not correctly handle maliciously constructed repository URLs, which allowed an attacker to run an arbitrary shell command. oval:org.secpod.oval:def:703775 cvs: Concurrent Versions System cvs could be made run programs as your login if it opened a specially crafted cvs repository. |