ID CVE-2004-1259 Type cve Reporter cve@mitre.org Modified 2017-07-11T01:30:00
Description
Multiple buffer overflows in the handle_directive function in abcpp.c for abcpp 1.3.0 allow remote attackers to execute arbitrary code via crafted ABC files.
{"osvdb": [{"lastseen": "2017-04-28T13:20:08", "bulletinFamily": "software", "description": "## Vulnerability Description\nA remote overflow exists in abcpp. The 'handle_directive()' function fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted ABC file, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nA remote overflow exists in abcpp. The 'handle_directive()' function fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted ABC file, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.\n## References:\nVendor URL: http://abcplus.sourceforge.net/\nSecurity Tracker: 1012596\n[Secunia Advisory ID:13524](https://secuniaresearch.flexerasoftware.com/advisories/13524/)\nOther Advisory URL: http://tigger.uic.edu/~jlongs2/holes/abcpp.txt\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-12/0195.html\nISS X-Force ID: 18581\n[CVE-2004-1259](https://vulners.com/cve/CVE-2004-1259)\nBugtraq ID: 12021\n", "modified": "2004-12-16T00:05:56", "published": "2004-12-16T00:05:56", "href": "https://vulners.com/osvdb/OSVDB:12432", "id": "OSVDB:12432", "type": "osvdb", "title": "abcpp handle_directive() Function Overflow", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}