As viewed in URL: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396 Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines. This exploit makes computers running cvs pserver vulnerable to a remote code execution attack.