RedHatRHSA-2009:1101(RHSA-2009:1101) Moderate: cscope security update
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.517 Medium
EPSS
Percentile
97.2%
cscope is a mature, ncurses-based, C source-code tree browsing tool.
Multiple buffer overflow flaws were found in cscope. An attacker could
create a specially crafted source code file that could cause cscope to
crash or, possibly, execute arbitrary code when browsed with cscope.
(CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577)
All users of cscope are advised to upgrade to this updated package, which
contains backported patches to fix these issues. All running instances of
cscope must be restarted for this update to take effect.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | x86_64 | cscope | < 15.5-10.RHEL4.3 | cscope-15.5-10.RHEL4.3.x86_64.rpm |
| RedHat | any | s390 | cscope | < 15.5-10.RHEL4.3 | cscope-15.5-10.RHEL4.3.s390.rpm |
| RedHat | any | ppc | cscope | < 15.5-10.RHEL4.3 | cscope-15.5-10.RHEL4.3.ppc.rpm |
| RedHat | any | i386 | cscope | < 15.5-10.RHEL4.3 | cscope-15.5-10.RHEL4.3.i386.rpm |
| RedHat | any | src | cscope | < 15.5-10.RHEL4.3 | cscope-15.5-10.RHEL4.3.src.rpm |
| RedHat | any | s390x | cscope | < 15.5-10.RHEL4.3 | cscope-15.5-10.RHEL4.3.s390x.rpm |
| RedHat | any | ia64 | cscope | < 15.5-10.RHEL4.3 | cscope-15.5-10.RHEL4.3.ia64.rpm |
Related
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.517 Medium
EPSS
Percentile
97.2%