FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2009-0148

This CVE name corresponds to:

Entered Topic
2009-06-16 cscope -- multiple buffer overflows

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2009-0148
Phase Assigned(20090116)

Description

Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as (1) source-code tokens and (2) pathnames, related to integer overflows in some cases. NOTE: this issue exists because of an incomplete fix for CVE-2004-2541.

References

Source Reference
MLIST [cscope-cvs] 20090410 CVS: cscope/src snprintf.c, NONE, 1.1 build.c, 1.14, 1.15 command.c, 1.32, 1.33 dir.c, 1.30, 1.31 display.c, 1.29, 1.30 edit.c, 1.6, 1.7 exec.c, 1.11, 1.12 find.c, 1.20, 1.21 global.h, 1.36, 1.37 main.c, 1.45, 1.46 Makefile.am, 1.12, 1.13 Makefile.in, 1.15, 1.16 vpaccess.c, 1.2, 1.3 vpfopen.c, 1.3, 1.4 vpopen.c, 1.4, 1.5
MLIST [oss-security] 20090506 Re: Old cscope buffer overflow
CONFIRM http://sourceforge.net/forum/forum.php?forum_id=947983
CONFIRM http://sourceforge.net/project/shownotes.php?group_id=4664&release_id=679527
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=490667
CONFIRM http://support.apple.com/kb/HT3549
APPLE APPLE-SA-2009-05-12
DEBIAN DSA-1806
GENTOO GLSA-200905-02
REDHAT RHSA-2009:1101
REDHAT RHSA-2009:1102
CERT TA09-133A
BID 34805
OVAL oval:org.mitre.oval:def:9633
SECTRACK 1022218
SECUNIA 34978
SECUNIA 35074
SECUNIA 35213
SECUNIA 35214
SECUNIA 35462
VUPEN ADV-2009-1238
VUPEN ADV-2009-1297