Heap-based Buffer Overflow in CVS 1.11.23's apply_rcs_change Function

Heap-based Buffer Overflow in CVS 1.11.23's apply_rcs_change Function

CVE-2010-3846 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow.

Learn more about our User Device Pen Test.