FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

git -- buffer overflow vulnerability

Affected packages
1.5.6 <= git < 1.7.1.1_1

Details

VuXML ID 827bc2b7-95ed-11df-9160-00e0815b8da8
Discovery 2010-07-20
Entry 2010-07-23

Greg Brockman reports:

If an attacker were to create a crafted working copy where the user runs any git command, the attacker could force execution of arbitrary code.

[source]

References

CVE Name CVE-2010-2542
URL http://git.kernel.org/?p=git/git.git;a=commit;h=3c9d0414ed2db0167e6c828b547be8fc9f88fccc
URL http://www.openwall.com/lists/oss-security/2010/07/22/1

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.