CVE-2006-4262

2006-08-2300:00:00

ubuntu.com

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.021 Low

EPSS

Percentile

89.0%

JSON

Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted
attackers to cause a denial of service (crash) and possibly execute
arbitrary code via multiple vectors including (1) a long pathname that is
not properly handled during file list parsing, (2) long pathnames that
result from path variable expansion such as tilde expansion for the HOME
environment variable, and (3) a long -f (aka reffile) command line
argument.

OSVersionArchitecturePackageVersionFilename
ubuntu6.10noarchcscope< 15.5+cvs20060902-3UNKNOWN
ubuntu7.04noarchcscope< 15.5+cvs20060902-3UNKNOWN
ubuntu7.10noarchcscope< 15.5+cvs20060902-3UNKNOWN
ubuntu8.04noarchcscope< 15.5+cvs20060902-3UNKNOWN
ubuntu8.10noarchcscope< 15.5+cvs20060902-3UNKNOWN
ubuntu9.04noarchcscope< 15.5+cvs20060902-3UNKNOWN
ubuntu9.10noarchcscope< 15.5+cvs20060902-3UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.10	noarch	cscope	< 15.5+cvs20060902-3	UNKNOWN
ubuntu	7.04	noarch	cscope	< 15.5+cvs20060902-3	UNKNOWN
ubuntu	7.10	noarch	cscope	< 15.5+cvs20060902-3	UNKNOWN
ubuntu	8.04	noarch	cscope	< 15.5+cvs20060902-3	UNKNOWN
ubuntu	8.10	noarch	cscope	< 15.5+cvs20060902-3	UNKNOWN
ubuntu	9.04	noarch	cscope	< 15.5+cvs20060902-3	UNKNOWN
ubuntu	9.10	noarch	cscope	< 15.5+cvs20060902-3	UNKNOWN