cbcvebase.
CVE-2010-3846
published 2010-11-05

CVE-2010-3846: Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta…

PriorityP424medium6.9CVSS 2.0
AVLACMAuNCCICAC
EPSS
0.39%
31.0th percentile
Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow.

Affected

14 ranges
VendorProductVersion rangeFixed in
cvscvs>= 0 < 1.12.12-r01.12.12-r0
cvscvs>= 0 < 1.12.12-r01.12.12-r0
cvscvs>= 0 < 1.12.12-r01.12.12-r0
cvscvs>= 0 < 1.12.12-r01.12.12-r0
cvscvs>= 0 < 1.12.12-r01.12.12-r0
cvscvs>= 0 < 1.12.12-r01.12.12-r0
cvscvs>= 0 < 1.12.12-r01.12.12-r0
cvscvs>= 0 < 1.12.12-r01.12.12-r0
cvscvs>= 0 < 1.12.12-r01.12.12-r0
cvscvs>= 0 < 1.12.12-r01.12.12-r0
cvscvs>= 0 < 1.12.12-r01.12.12-r0
cvscvs>= 0 < 1.12.12-r01.12.12-r0
debiancvs
nongnucvs

CVSS provenance

nvdv2.06.9MEDIUMAV:L/AC:M/Au:N/C:C/I:C/A:C
osv6.9MEDIUM
vendor_debian6.9LOW
vendor_redhat6.9MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.