Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-4465 at MITRE


Heap-based buffer overflow in the substr function in parsing.c in cgit and earlier allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via an empty username in the "Author" field in a commit.

NVD CVSS v2 Base Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)

SUSE information

SUSE Bugzilla entry: 783012

SUSE Security Advisories: