Cscope Multiple Buffer Overflow Vulnerability Network Vulnerability

Summary

This host has installed Cscope and is prone to Multiple Buffer Overflow vulnerability.

Impact

Successful exploitation could allow remote attackers to execute arbitrary code or cause buffer overflows while parsing specially crafted files or directories. Impact Level: Application

Solution

Upgrade to Cscope version 15.7a http://sourceforge.net/projects/cscope

Insight

Boundary error exists in various functions using insecure sprintf, snprintf via long strings in input such as source-code tokens and pathnames.

Affected

Cscope version prior to 15.7a

References

http://sourceforge.net/project/shownotes.php?release_id=679527
http://www.vupen.com/english/advisories/2009/1238
https://bugzilla.redhat.com/show_bug.cgi?id=490667

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-0148

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Linux)
Adobe Reader 'File Extension' Buffer Overflow Vulnerability (Windows)
A-V Tronics InetServ POP3 Denial Of Service Vulnerability
Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Windows)
Adobe Audition '.ses' Multiple Buffer Overflow Vulnerabilities (Windows)

Cscope Multiple Buffer Overflow vulnerability

Take action and discover your vulnerabilities