CVE-2010-2542Out-of-bounds Write in GIT

CWE-787Out-of-bounds Write7 documents6 sources
Severity
7.5HIGHNVD
EPSS
2.1%
top 15.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Git-scm GIT
Timeline
PublishedAug 11
Latest updateMay 13

Description

Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDgit-scm/git< 1.7.2.1

🔴Vulnerability Details

2
GHSA
GHSA-q648-58gx-r823: Stack-based buffer overflow in the is_git_directory function in setup2022-05-13
CVEList
CVE-2010-2542: Stack-based buffer overflow in the is_git_directory function in setup2010-08-11

📋Vendor Advisories

2
Microsoft
CVE-2010-2542: NIST NVD Details: https://nvd2020-09-08
Red Hat
Git: Arbitrary code execution via specially-crafted .git file2010-07-20

💬Community

2
Bugzilla
CVE-2010-2542 Git: Arbitrary code execution via specially-crafted .git file [fedora-all]2010-09-27
Bugzilla
CVE-2010-2542 Git: Arbitrary code execution via specially-crafted .git file2010-07-26
CVE-2010-2542 — Out-of-bounds Write in Git-scm GIT | cvebase