Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:11215
HistoryMay 07, 2009 - 12:00 a.m.

Cscope sprintf()调用栈溢出漏洞

2009-05-0700:00:00
Root
www.seebug.org
10

0.517 Medium

EPSS

Percentile

97.2%

JSON

BUGTRAQ ID: 34805
CVE(CAN) ID: CVE-2009-0148

Cscope是开发人员用于查看源码的工具。

Cscope的sprintf()调用中存在多个栈溢出漏洞。如果用户受骗查看了特制的文件或目录并使用超长的路径名称或源码字符串调用了有漏洞函数的话,就可能触发这个溢出,导致拒绝服务或执行任意代码。

Cscope < 15.7a
Cscope

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://sourceforge.net/project/downloading.php?group_id=4664&amp;filename=cscope-15.7a.tar.bz2” target=“_blank”>http://sourceforge.net/project/downloading.php?group_id=4664&amp;filename=cscope-15.7a.tar.bz2</a>

Related

nessus 12
altlinux 1
openvas 23
debian 1
securityvulns 4
freebsd 1
redhat 2
cve 1
debiancve 1
prion 1
gentoo 1
oraclelinux 2
centos 2
ubuntucve 1
nessus
nessus
Debian DSA-1806-1 : cscope - buffer overflows
2009-05-26 00:00:00
FreeBSD : cscope -- multiple buffer overflows (c14aa48c-5ab7-11de-bc9b-0030843d3802)
2009-06-17 00:00:00
GLSA-200905-02 : Cscope: User-assisted execution of arbitrary code
2009-05-26 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package cscope version 15.7a-alt1
2009-05-07 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1806-1)
2009-05-25 00:00:00
Debian Security Advisory DSA 1806-1 (cscope)
2009-05-25 00:00:00
Cscope Multiple Buffer Overflow vulnerability
2009-05-18 00:00:00
debian
debian
[SECURITY] [DSA 1806-1] New cscope packages fix arbitrary code execution
2009-05-24 08:27:51
securityvulns
securityvulns
[SECURITY] [DSA 1806-1] New cscope packages fix arbitrary code execution
2009-05-26 00:00:00
cscope buffer overflow
2009-05-26 00:00:00
Apple Mac OS X multiple security vulnerabilities
2009-05-29 00:00:00
freebsd
freebsd
cscope -- multiple buffer overflows
2009-05-31 00:00:00
redhat
redhat
(RHSA-2009:1102) Moderate: cscope security update
2009-06-15 00:00:00
(RHSA-2009:1101) Moderate: cscope security update
2009-06-15 00:00:00
cve
cve
CVE-2009-0148
2009-05-05 17:30:00
debiancve
debiancve
CVE-2009-0148
2009-05-05 17:30:00
prion
prion
Integer overflow
2009-05-05 17:30:00
gentoo
gentoo
Cscope: User-assisted execution of arbitrary code
2009-05-24 00:00:00
oraclelinux
oraclelinux
cscope security update
2009-06-15 00:00:00
cscope security update
2009-06-15 00:00:00
centos
centos
cscope security update
2009-06-19 11:01:14
cscope security update
2009-06-16 08:39:12
ubuntucve
ubuntucve
CVE-2009-0148
2009-05-05 00:00:00

0.517 Medium

EPSS

Percentile

97.2%

JSON
Related for SSV:11215
nessus12altlinux1openvas23debian1securityvulns4freebsd1redhat2cve1debiancve1prion1gentoo1oraclelinux2centos2ubuntucve1