ByteOS Network

NVD Vulnerability Details :

CVE-2006-4262

Modified

Source-cve@mitre.org

Published At-23 Aug, 2006 | 10:04

Updated At-16 Apr, 2026 | 00:27

Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	5.1	MEDIUM	AV:N/AC:H/Au:N/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 5.1

Base severity: MEDIUM

Vector:

AV:N/AC:H/Au:N/C:P/I:P/A:P

CPE Matches

cscope>>cscope>>Versions up to 15.5(inclusive)

cpe:2.3:a:cscope:cscope:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-119	Primary	nvd@nist.gov

CWE ID: CWE-119

Type: Primary

Source: nvd@nist.gov

Vendor Statements

Organization : Red Hat

Last Modified : 2009-06-16T00:00:00

Red Hat Enterprise Linux 5 was not vulnerable to this issue as it contained a backported patch since its first release. In Red Hat Enterprise Linux 3 and 4, this issue was addressed via: https://rhn.redhat.com/errata/RHSA-2009-1101.html

References

Hyperlink	Source	Resource
http://secunia.com/advisories/21601	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/22239	cve@mitre.org	Vendor Advisory
http://secunia.com/advisories/22515	cve@mitre.org	Vendor Advisory
http://security.gentoo.org/glsa/glsa-200610-08.xml	cve@mitre.org	N/A
http://sourceforge.net/mailarchive/forum.php?thread_id=30266760&forum_id=33500	cve@mitre.org	N/A
http://sourceforge.net/mailarchive/forum.php?thread_id=30266761&forum_id=33500	cve@mitre.org	N/A
http://www.debian.org/security/2006/dsa-1186	cve@mitre.org	N/A
http://www.osvdb.org/28135	cve@mitre.org	N/A
http://www.osvdb.org/28136	cve@mitre.org	N/A
http://www.redhat.com/support/errata/RHSA-2009-1101.html	cve@mitre.org	Vendor Advisory
http://www.securityfocus.com/bid/19686	cve@mitre.org	N/A
http://www.securityfocus.com/bid/19687	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2006/3374	cve@mitre.org	Vendor Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=203645	cve@mitre.org	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/28545	cve@mitre.org	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/28546	cve@mitre.org	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9661	cve@mitre.org	N/A
http://secunia.com/advisories/21601	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://secunia.com/advisories/22239	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://secunia.com/advisories/22515	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://security.gentoo.org/glsa/glsa-200610-08.xml	af854a3a-2127-422b-91ae-364da2661108	N/A
http://sourceforge.net/mailarchive/forum.php?thread_id=30266760&forum_id=33500	af854a3a-2127-422b-91ae-364da2661108	N/A
http://sourceforge.net/mailarchive/forum.php?thread_id=30266761&forum_id=33500	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.debian.org/security/2006/dsa-1186	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.osvdb.org/28135	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.osvdb.org/28136	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.redhat.com/support/errata/RHSA-2009-1101.html	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://www.securityfocus.com/bid/19686	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securityfocus.com/bid/19687	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.vupen.com/english/advisories/2006/3374	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=203645	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/28545	af854a3a-2127-422b-91ae-364da2661108	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/28546	af854a3a-2127-422b-91ae-364da2661108	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9661	af854a3a-2127-422b-91ae-364da2661108	N/A