CVE-2004-2541

Properties

Published:
30.12.2004
Updated:
23.06.2009
Patch available:
Severity:
Medium
CVSS vector:
(AV:L/AC:M/Au:N/C:C/I:C/A:C)
Product:
cscope: cscope

Vulnerability description

Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target.

References:

CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=490667
BID: http://www.securityfocus.com/bid/25159
BID: http://www.securityfocus.com/bid/18050
REDHAT: http://www.redhat.com/support/errata/RHSA-2009-1102.html
REDHAT: http://www.redhat.com/support/errata/RHSA-2009-1101.html
OSVDB: http://www.osvdb.org/11920
GENTOO: http://www.gentoo.org/security/en/glsa/glsa-200606-10.xml
VUPEN: http://www.frsirt.com/english/advisories/2007/2732
DEBIAN: http://www.debian.org/security/2006/dsa-1064
MISC: http://sourceforge.net/tracker/index.php?func=detail&aid=1064875&group_id=4664&atid=104664
SECUNIA: http://secunia.com/advisories/35462
SECUNIA: http://secunia.com/advisories/26235
SECUNIA: http://secunia.com/advisories/20564
SECUNIA: http://secunia.com/advisories/20191
SECUNIA: http://secunia.com/advisories/13237
APPLE: http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
CONFIRM: http://docs.info.apple.com/article.html?artnum=306172