9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.592 Medium
EPSS
Percentile
97.7%
Multiple buffer overflows in Cscope before 15.7a allow remote attackers to
execute arbitrary code via long strings in input such as (1) source-code
tokens and (2) pathnames, related to integer overflows in some cases. NOTE:
this issue exists because of an incomplete fix for CVE-2004-2541.