VDB
CVE-2006-4262
CVE-2006-4262
PUBLISHED
Reported by mitre · Published August 23, 2006
Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | *, *, n/a |
Timeline
- Aug 23, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 1, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- DSA-1186 vendor-advisoryx_refsource_DEBIAN
- x_refsource_CONFIRM
- 21601 third-party-advisoryx_refsource_SECUNIA
- cscope-cscopelists-bo(28545) vdb-entryx_refsource_XF
- RHSA-2009:1101 vendor-advisoryx_refsource_REDHAT
- 28135 vdb-entryx_refsource_OSVDB
- x_refsource_CONFIRM
- 22239 third-party-advisoryx_refsource_SECUNIA
- 22515 third-party-advisoryx_refsource_SECUNIA
- ADV-2006-3374 vdb-entryx_refsource_VUPEN
- oval:org.mitre.oval:def:9661 vdb-entrysignaturex_refsource_OVAL
- x_refsource_CONFIRM
- 19686 vdb-entryx_refsource_BID
- 19687 vdb-entryx_refsource_BID
- GLSA-200610-08 vendor-advisoryx_refsource_GENTOO
- 28136 vdb-entryx_refsource_OSVDB
- cscope-reffile-bo(28546) vdb-entryx_refsource_XF