Vulnerability Name:

CVE-2006-4262 (CCN-28545)

Assigned:2006-08-20
Published:2006-08-20
Updated:2017-10-11
Summary:Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availability (A): Low
CVSS v2 Severity:5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Authentication (Au): 
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availability (A):
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Authentication (Au):
Impact Metrics:Confidentiality (C):
Integrity (I):
Availability (A):
3.7 Low (REDHAT CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P)
2.7 Low (REDHAT Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Authentication (Au): 
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availability (A):
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2006-4262

Source: CCN
Type: RHSA-2009-1101
Moderate: cscope security update

Source: CCN
Type: SA21601
Cscope Buffer Overflow Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
21601

Source: SECUNIA
Type: Vendor Advisory
22239

Source: SECUNIA
Type: Vendor Advisory
22515

Source: GENTOO
Type: UNKNOWN
GLSA-200610-08

Source: CCN
Type: SourceForge.net
cscope

Source: CONFIRM
Type: UNKNOWN
http://sourceforge.net/mailarchive/forum.php?thread_id=30266760&forum_id=33500

Source: CONFIRM
Type: UNKNOWN
http://sourceforge.net/mailarchive/forum.php?thread_id=30266761&forum_id=33500

Source: CCN
Type: ASA-2009-236
cscope security update (RHSA-2009-1101)

Source: DEBIAN
Type: UNKNOWN
DSA-1186

Source: DEBIAN
Type: DSA-1186
cscope -- buffer overflows

Source: CCN
Type: GLSA-200610-08
Cscope: Multiple buffer overflows

Source: OSVDB
Type: UNKNOWN
28135

Source: OSVDB
Type: UNKNOWN
28136

Source: CCN
Type: OSVDB ID: 28135
Cscope cscope.lists Handling Multiple Overflows

Source: CCN
Type: OSVDB ID: 28136
Cscope Command Line reffile Argument Overflow

Source: REDHAT
Type: Vendor Advisory
RHSA-2009:1101

Source: BID
Type: UNKNOWN
19686

Source: CCN
Type: BID-19686
Cscope 'cscope.lists' Multiple Buffer Overflow Vulnerabilities

Source: BID
Type: UNKNOWN
19687

Source: CCN
Type: BID-19687
Cscope Reffile Local Buffer Overflow Vulnerability

Source: VUPEN
Type: Vendor Advisory
ADV-2006-3374

Source: CONFIRM
Type: Patch, Vendor Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=203645

Source: XF
Type: UNKNOWN
cscope-cscopelists-bo(28545)

Source: XF
Type: UNKNOWN
cscope-reffile-bo(28546)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9661

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cscope:cscope:*:*:*:*:*:*:*:* (Version <= 15.5)

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

  • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2006-4262 (CCN-28546)

    Assigned:2006-08-20
    Published:2006-08-20
    Updated:2006-08-20
    Summary:Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument.
    CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): Low
    Integrity (I): Low
    Availability (A): Low
    CVSS v2 Severity:5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
    3.8 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Authentication (Au): 
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availability (A):
    7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
    5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Authentication (Au):
    Impact Metrics:Confidentiality (C):
    Integrity (I):
    Availability (A):
    3.7 Low (REDHAT CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P)
    2.7 Low (REDHAT Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Authentication (Au): 
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availability (A):
    Vulnerability Consequences:Gain Access
    References:Source: MITRE
    Type: CNA
    CVE-2006-4262

    Source: CCN
    Type: RHSA-2009-1101
    Moderate: cscope security update

    Source: CCN
    Type: SA21601
    Cscope Buffer Overflow Vulnerabilities

    Source: CCN
    Type: SourceForge.net
    cscope

    Source: CCN
    Type: ASA-2009-236
    cscope security update (RHSA-2009-1101)

    Source: DEBIAN
    Type: DSA-1186
    cscope -- buffer overflows

    Source: CCN
    Type: GLSA-200610-08
    Cscope: Multiple buffer overflows

    Source: CCN
    Type: OSVDB ID: 28135
    Cscope cscope.lists Handling Multiple Overflows

    Source: CCN
    Type: OSVDB ID: 28136
    Cscope Command Line reffile Argument Overflow

    Source: CCN
    Type: BID-19686
    Cscope 'cscope.lists' Multiple Buffer Overflow Vulnerabilities

    Source: CCN
    Type: BID-19687
    Cscope Reffile Local Buffer Overflow Vulnerability

    Source: XF
    Type: UNKNOWN
    cscope-reffile-bo(28546)

    Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*
  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition ID | Class | Title | Last Modified
    oval:org.opensuse.security:def:20064262 | V | CVE-2006-4262 | 2022-06-30
    oval:org.opensuse.security:def:112121 | P | cscope-15.9-1.9 on GA media (Moderate) | 2022-01-17
    oval:org.opensuse.security:def:26218 | P | Security update for java-1_8_0-ibm (Important) (in QA) | 2022-01-04
    oval:org.opensuse.security:def:105658 | P | Security update for salt (Moderate) | 2021-10-27
    oval:org.opensuse.security:def:26137 | P | Security update for sqlite3 (Important) | 2021-09-23
    oval:org.opensuse.security:def:36384 | P | cscope-15.6-95.22 on GA media (Moderate) | 2021-06-08
    oval:org.opensuse.security:def:26612 | P | man on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26009 | P | Security update for ImageMagick (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:27347 | P | libslp1-openssl1 on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26359 | P | Security update for phpMyAdmin (Important) | 2020-12-01
    oval:org.opensuse.security:def:25933 | P | Security update for gstreamer-0_10-plugins-good (Important) | 2020-12-01
    oval:org.opensuse.security:def:26651 | P | xen on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:27382 | P | cscope on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26510 | P | Security update for nextcloud (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25934 | P | Security update for the Linux kernel (Important) | 2020-12-01
    oval:org.opensuse.security:def:26665 | P | acpid on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26563 | P | gvim on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:25945 | P | Security update for ImageMagick (Important) | 2020-12-01
    oval:org.opensuse.security:def:26709 | P | gmime on GA media (Moderate) | 2020-12-01
    oval:org.opensuse.security:def:26275 | P | Security update for freerdp (Important) | 2020-12-01
    oval:org.mitre.oval:def:9661 | V | Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument. | 2013-04-29
    oval:com.redhat.rhsa:def:20091101 | P | RHSA-2009:1101: cscope security update (Moderate) | 2009-06-15
    oval:org.debian:def:1186 | V | buffer overflows | 2006-09-30