CVE-2004-0405

Publication date 1 June 2004

Last updated 17 July 2025

Ubuntu priority

Medium

Why this priority?

Description

CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.

Status

Package Ubuntu Release Status
cvs 7.04 feisty
Fixed 1.12.9-17
6.10 edgy
Fixed 1.12.9-17
6.06 LTS dapper
Fixed 1.12.9-17

References

Other references