CVE-2006-4262

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2006-4262
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2006-4262.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2006-4262
Related
Published
2006-08-23T10:04:00Z
Modified
2025-04-03T01:03:51Z
Downstream
Summary
[none]
Details

Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument.

References

Affected packages

Debian:11 / cscope

Package

Name
cscope
Purl
pkg:deb/debian/cscope?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.5+cvs20060902-1

Ecosystem specific 

{
    "urgency": "low"
}

Debian:12 / cscope

Package

Name
cscope
Purl
pkg:deb/debian/cscope?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.5+cvs20060902-1

Ecosystem specific 

{
    "urgency": "low"
}

Debian:13 / cscope

Package

Name
cscope
Purl
pkg:deb/debian/cscope?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.5+cvs20060902-1

Ecosystem specific 

{
    "urgency": "low"
}