FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2004-2541

This CVE name corresponds to:

Entered Topic
2006-05-23 cscope -- buffer overflow vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2004-2541
Phase Assigned(20051120)

Description

Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target.

References

Source Reference
MISC http://sourceforge.net/tracker/index.php?func=detail&aid=1064875&group_id=4664&atid=104664
CONFIRM http://docs.info.apple.com/article.html?artnum=306172
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=490667
APPLE APPLE-SA-2007-07-31
DEBIAN DSA-1064
GENTOO GLSA-200606-10
REDHAT RHSA-2009:1101
REDHAT RHSA-2009:1102
BID 18050
BID 25159
OVAL oval:org.mitre.oval:def:10069
SECUNIA 35462
VUPEN ADV-2007-2732
OSVDB 11920
SECUNIA 13237
SECUNIA 20191
SECUNIA 20564
SECUNIA 26235