Cscope Putstring Multiple Buffer Overflow Vulnerability Network Vulnerability

Summary

This host has installed Cscope and is prone to Multiple Buffer Overflow vulnerability

Impact

Successful exploitation could allow remote attackers to execute arbitrary code or can cause stack based buffer overflows. Impact Level: Application

Solution

Upgrade to Cscope version 15.6 http://sourceforge.net/projects/cscope

Insight

Error exists when application fails to perform adequate boundary checks in putstring function in find.c via a long function name or symbol in a source code file.

Affected

Cscope version prior to 15.6

References

http://cscope.cvs.sourceforge.net/viewvc/cscope/cscope/src/find.c?view=log#rev1.19
http://www.vupen.com/english/advisories/2009/1238
https://bugzilla.redhat.com/show_bug.cgi?id=499174

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1577

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

3CTftpSvc TFTP Server Long Mode Buffer Overflow Vulnerability
Buffer Overflow Vulnerability in Adobe Reader (Linux)
Adobe Reader '/Registry' and '/Ordering' Buffer Overflow Vulnerability (Win)
Apple QuickTime Multiple Buffer Overflow Vulnerabilities (Windows)
BigAnt IM Server HTTP GET Request Buffer Overflow Vulnerability

Cscope putstring Multiple Buffer Overflow vulnerability

Take action and discover your vulnerabilities