Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2009-1577

Published: 07/05/2009 Updated: 29/09/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Cscope

Vulnerability Summary

Multiple stack-based buffer overflows in the putstring function in find.c in Cscope prior to 15.6 allow user-assisted remote malicious users to execute arbitrary code via a long (1) function name or (2) symbol in a source-code file.

Vulnerable Product Search on Vulmon Subscribe to Product

cscope cscope 15.1

cscope cscope 15.3

cscope cscope 13.0

cscope cscope 15.0bl2

cscope cscope 15.4

cscope cscope

Vendor Advisories

Red Hat: Moderate: cscope security update
Synopsis Moderate: cscope security update Type/Severity Security Advisory: Moderate Topic An updated cscope package that fixes multiple security issues is nowavailable for Red Hat Enterprise Linux 3 and 4This update has been rated as having moderate security impact by the RedHat Security Response Team ...

References

CWE-119http://www.openwall.com/lists/oss-security/2009/05/05/1https://bugzilla.redhat.com/show_bug.cgi?id=189666http://www.openwall.com/lists/oss-security/2009/05/06/9http://cscope.cvs.sourceforge.net/viewvc/cscope/cscope/src/find.c?r1=1.18&r2=1.19http://www.openwall.com/lists/oss-security/2009/05/06/10https://bugzilla.redhat.com/show_bug.cgi?id=499174http://cscope.cvs.sourceforge.net/viewvc/cscope/cscope/src/find.c?view=log#rev1.19http://cvs.fedoraproject.org/viewvc/rpms/cscope/devel/cscope-15.5-putstring-overflow.patchhttp://secunia.com/advisories/35213http://security.gentoo.org/glsa/glsa-200905-02.xmlhttp://www.redhat.com/support/errata/RHSA-2009-1101.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/50366https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9837https://access.redhat.com/errata/RHSA-2009:1101https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377CVE-2024-20859CVE-2023-49606injectarbitrary CVE-2024-33788CVE-2024-30973IDORCVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook