CVE-2004-2541

Loading...

General

Score:6.9/10.0
Severity:Medium
Category:Buffer Error
Exploit:Available

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Local
Access Complexity:Medium
Authentication:None

Relative vulnerabilities

CVE-2004-0996, CVE-2005-0758, CVE-2005-2090, CVE-2005-3128, CVE-2006-2842, CVE-2006-3174, CVE-2006-4019, CVE-2006-6142, CVE-2007-0450, CVE-2007-0478, CVE-2007-1001, CVE-2007-1262, CVE-2007-1287, CVE-2007-1358, CVE-2007-1460, CVE-2007-1461, CVE-2007-1484, CVE-2007-1521, CVE-2007-1583, CVE-2007-1711, CVE-2007-1717, CVE-2007-1860, CVE-2007-2403, CVE-2007-2404, CVE-2007-2405, CVE-2007-2406, CVE-2007-2407, CVE-2007-2408, CVE-2007-2409, CVE-2007-2410, CVE-2007-2442, CVE-2007-2443, CVE-2007-2446, CVE-2007-2447, CVE-2007-2589, CVE-2007-2798, CVE-2007-3742, CVE-2007-3744, CVE-2007-3745, CVE-2007-3746, CVE-2007-3747, CVE-2007-3748, CVE-2007-3944, CVE-2009-0148

Published on 31/12/04 - Updated on 11/10/17

Description

Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target.

Category: Buffer Error

CWE-119 (Buffer Errors)
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Security Notices

US National Vulnerability DatabaseCVE-2004-2541
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2007-AVI-340
CentOS CESA-2009:1102
Redhat RHSA-2009:1102
Renater 2007/VULN330

Exploits

SecurityFocusBID-25159

Relative technologies

VendorProduct
cscopecscope

Share this vulnerability with:

Twitter Facebook LinkedIn Mail