Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.1
CVSSv2

CVE-2006-4262

Published: 23/08/2006 Updated: 11/10/2017
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
VMScore: 454
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Subscribe to Cscope

Vulnerability Summary

Multiple buffer overflows in cscope 15.5 and previous versions allow user-assisted malicious users to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument.

Vulnerable Product Search on Vulmon Subscribe to Product

cscope cscope

Vendor Advisories

Red Hat: Moderate: cscope security update
Synopsis Moderate: cscope security update Type/Severity Security Advisory: Moderate Topic An updated cscope package that fixes multiple security issues is nowavailable for Red Hat Enterprise Linux 3 and 4This update has been rated as having moderate security impact by the RedHat Security Response Team ...
Debian CVElist Bug Report Logs: CVE-2006-4262: Cscope Buffer Overflow Vulnerabilities
Debian Bug report logs - #385893 CVE-2006-4262: Cscope Buffer Overflow Vulnerabilities Package: cscope; Maintainer for cscope is Tobias Klauser <tklauser@distanzch>; Source for cscope is src:cscope (PTS, buildd, popcon) Reported by: Stefan Fritsch <sf@sfritschde> Date: Sun, 3 Sep 2006 20:33:05 UTC Severity: grave ...
Debian Security Advisories: DSA-1186-1 cscope -- buffer overflows
Will Drewry of the Google Security Team discovered several buffer overflows in cscope, a source browsing tool, which might lead to the execution of arbitrary code For the stable distribution (sarge) this problem has been fixed in version 155-11sarge2 For the unstable distribution (sid) this problem has been fixed in version 155+cvs20060902-1 ...

References

CWE-119http://sourceforge.net/mailarchive/forum.php?thread_id=30266761&forum_id=33500https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=203645http://sourceforge.net/mailarchive/forum.php?thread_id=30266760&forum_id=33500http://www.osvdb.org/28135http://www.osvdb.org/28136http://secunia.com/advisories/21601http://www.securityfocus.com/bid/19686http://www.securityfocus.com/bid/19687http://www.debian.org/security/2006/dsa-1186http://secunia.com/advisories/22239http://security.gentoo.org/glsa/glsa-200610-08.xmlhttp://secunia.com/advisories/22515http://www.redhat.com/support/errata/RHSA-2009-1101.htmlhttp://www.vupen.com/english/advisories/2006/3374https://exchange.xforce.ibmcloud.com/vulnerabilities/28546https://exchange.xforce.ibmcloud.com/vulnerabilities/28545https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9661https://access.redhat.com/errata/RHSA-2009:1101https://nvd.nist.govhttps://www.debian.org/security/./dsa-1186
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validationCVE-2024-34413CVE-2024-34089CVE-2024-33408localSQLCVE-2024-0402CVE-2024-33910CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook