Unrated severityNVD Advisory· Published Nov 5, 2010· Updated Apr 29, 2026
CVE-2010-3846
CVE-2010-3846
Description
Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
18- cvs.savannah.gnu.org/viewvc/cvs/ccvs/src/rcs.cnvdPatch
- www.vupen.com/english/advisories/2010/2845nvdPatchVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdPatch
- secunia.com/advisories/41079nvdVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2010-November/050212.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-November/050287.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2010-October/050090.htmlnvd
- secunia.com/advisories/42041nvd
- secunia.com/advisories/42409nvd
- www.osvdb.org/68952nvd
- www.redhat.com/support/errata/RHSA-2010-0918.htmlnvd
- www.securityfocus.com/bid/44528nvd
- www.securitytracker.com/idnvd
- www.vupen.com/english/advisories/2010/2846nvd
- www.vupen.com/english/advisories/2010/2869nvd
- www.vupen.com/english/advisories/2010/2899nvd
- www.vupen.com/english/advisories/2010/3080nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/62858nvd
News mentions
0No linked articles in our index yet.