Subversion SVN Protocol Parser Remote Integer Overflow Vulnerability

It is reported that Subversion is prone to a remote integer overrun vulnerability. The issue exists in the svn protocol parser and is due to a lack of sufficient bounds checking performed on svn URI strings that are transmitted by the client.

If the URI string received is long enough, an integer overrun may occur in which the size value of the URI string wraps and is misrepresented. This may potentially result in corruption of heap memory management structures.
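The bug class described above, shown as an added example that is not Subversion's code: a size computation that wraps in 32-bit arithmetic, next to a parser that rejects an oversized or inconsistent declared length before allocating. The `<decimal length>:<bytes>` wire format, the `MAX_STR_LEN` cap and both function names are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_STR_LEN 4096u /* hypothetical policy cap, not a Subversion constant */

/* The bug class: 32-bit size arithmetic wraps, so UINT32_MAX + 1 == 0. */
uint32_t alloc_size_unchecked(uint32_t declared_len)
{
    return declared_len + 1u; /* room for a NUL terminator */
}

/* Parse "<decimal length>:<bytes>" (assumed format) and return a NUL-terminated
 * copy, or NULL if the declared length is malformed, above the cap, or larger
 * than the bytes actually received. The caller frees the result. */
char *read_string_checked(const unsigned char *buf, size_t buf_len)
{
    uint32_t len = 0;
    size_t i = 0;

    while (i < buf_len && buf[i] >= '0' && buf[i] <= '9') {
        uint32_t digit = (uint32_t)(buf[i] - '0');
        if (len > (MAX_STR_LEN - digit) / 10u) /* len*10+digit would pass the cap */
            return NULL;
        len = len * 10u + digit;
        i++;
    }
    if (i == 0 || i == buf_len || buf[i] != ':')
        return NULL; /* no digits, or separator missing */
    i++;
    if (len > buf_len - i)
        return NULL; /* declared more than was sent */

    char *out = malloc((size_t)len + 1u); /* cannot wrap: len <= MAX_STR_LEN */
    if (out == NULL)
        return NULL;
    memcpy(out, buf + i, len);
    out[len] = '\0';
    return out;
}

int main(void)
{
    const char *hostile = "4294967295:x"; /* constructed input */
    printf("unchecked size: %u\n", (unsigned)alloc_size_unchecked(UINT32_MAX));
    printf("checked parse: %s\n", read_string_checked((const unsigned char *)hostile,
           strlen(hostile)) ? "accepted" : "rejected");
    return 0;
}
```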


Copyright 2010, SecurityFocus