Cscope Multiple Buffer Overflow Vulnerability Network Vulnerability

Summary

This host has installed Cscope and is prone to Multiple Buffer Overflow vulnerability.

Impact

Successful exploitation could allow remote attackers to execute arbitrary code or cause buffer overflows while parsing specially crafted files or directories. Impact Level: Application

Solution

Upgrade to Cscope version 15.7a http://sourceforge.net/projects/cscope

Insight

Boundary error exists in various functions using insecure sprintf, snprintf via long strings in input such as source-code tokens and pathnames.

Affected

Cscope version prior to 15.7a

References

http://sourceforge.net/project/shownotes.php?release_id=679527
http://www.vupen.com/english/advisories/2009/1238
https://bugzilla.redhat.com/show_bug.cgi?id=490667

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-0148

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Advantech Studio Multiple Buffer Overflow Vulnerabilities
Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability (Win)
Apple iTunes '.pls' Files Buffer Overflow Vulnerability
Beatport Player '.m3u' File Buffer Overflow Vulnerability
Bopup Communication Server Remote Buffer Overflow Vulnerability

Cscope Multiple Buffer Overflow vulnerability

Take action and discover your vulnerabilities