Oracle Solaris Third-Party Patch Update : cvs (cve_2012_0804_buffer_errors)
Critical Nessus Plugin ID 80598
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response. (CVE-2012-0804)
SolutionUpgrade to Solaris 11.2.