Heap-based Buffer Overflow in cgit's substr Function Allows Remote Code Execution
CVE-2012-4465 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
Heap-based buffer overflow in the substr function in parsing.c in cgit 0.9.0.3 and earlier allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via an empty username in the "Author" field in a commit.
Learn more about our User Device Pen Test.