CVSS: 10.0EPSS: 10%CPEs: 7EXPL: 0CVE-2004-0413
https://notcve.org/view.php?id=CVE-2004-0413
23 Jun 2004 — libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn://, (2) svn+ssh://, and (3) other svn protocol URL strings, which allows remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via an integer overflow that leads to a heap-based buffer overflow. libsvn_ra_svn en Subversion 1.0.4 confía en el campo de longitud de (1) svn://, (2) svn+ssh://, y (3) otras cadenas de protocolo svn, lo que permite a atacantes remotos causar una denegación de servi... • http://subversion.tigris.org/security/CAN-2004-0413-advisory.txt •
CVSS: 9.8EPSS: 86%CPEs: 3EXPL: 4CVE-2004-0397 – Subversion 1.0.2 - 'svn_time_from_cstring()' Remote Overflow
https://notcve.org/view.php?id=CVE-2004-0397
28 May 2004 — Stack-based buffer overflow during the apr_time_t data conversion in Subversion 1.0.2 and earlier allows remote attackers to execute arbitrary code via a (1) DAV2 REPORT query or (2) get-dated-rev svn-protocol command. Desbordamiento basado en la pila durante la conversión de datos apr_time en Subversion 1.0.2 y anteriores permite a atacantes remotos ejecutar código arbitrairo mediante: (1) una consulta DAV2 REPORT o (2) una orden get-dated-rev svn-protocol • https://www.exploit-db.com/exploits/304 •