Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use by a legitimate CVS user.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-667,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| concurrent_versions_software_project | concurrent_versions_software | - |
| cvs | cvs | 1.10.7 |