Double-Free Vulnerability in CVS 1.11.4 and Earlier: Remote Code Execution and Denial of Service

Double-Free Vulnerability in CVS 1.11.4 and Earlier: Remote Code Execution and Denial of Service

CVE-2003-0015 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.

Learn more about our Web Application Penetration Testing UK.