CVE-2006-4262

Impact: Low
Public Date: 2006-08-20
Bugzilla: 203645: CVE-2006-4262 cscope: multiple buffer overflows

The MITRE CVE dictionary describes this issue as:

Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument.

Find out more about CVE-2006-4262 from the MITRE CVE dictionary and NIST NVD.

Statement

Red Hat Enterprise Linux 5 was not vulnerable to this issue as it contained a backported patch since its first release.

In Red Hat Enterprise Linux 3 and 4, this issue was addressed via: https://rhn.redhat.com/errata/RHSA-2009-1101.html

CVSS v2 metrics

Base Score: 3.7
Base Metrics: AV:L/AC:H/Au:N/C:P/I:P/A:P
Access Vector: Local
Access Complexity: High
Authentication: None
Confidentiality Impact: Partial
Integrity Impact: Partial
Availability Impact: Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform                               Errata          Release Date
Red Hat Enterprise Linux 4 (cscope)    RHSA-2009:1101  2009-06-15
Red Hat Enterprise Linux 3 (cscope)    RHSA-2009:1101  2009-06-15
CVE description copyright © 2017, The MITRE Corporation