CVSS: 9.8EPSS: 12%CPEs: 6EXPL: 1CVE-2009-1577 – cscope: putstring buffer overflow
https://notcve.org/view.php?id=CVE-2009-1577
07 May 2009 — Multiple stack-based buffer overflows in the putstring function in find.c in Cscope before 15.6 allow user-assisted remote attackers to execute arbitrary code via a long (1) function name or (2) symbol in a source-code file. Desbordamiento de búfer basado en pila en la función putstring en el archivo find.c en Cscope anteriores a v15.6 permite a los atacantes remotos asistidos por el usuario ejecutar arbitrariamente código a través de un (1) nombre de función largo o (2) un símbolo largo en un archivo de có... • http://cscope.cvs.sourceforge.net/viewvc/cscope/cscope/src/find.c?r1=1.18&r2=1.19 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 10%CPEs: 8EXPL: 0CVE-2009-0148 – cscope: multiple buffer overflows
https://notcve.org/view.php?id=CVE-2009-0148
05 May 2009 — Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as (1) source-code tokens and (2) pathnames, related to integer overflows in some cases. NOTE: this issue exists because of an incomplete fix for CVE-2004-2541. Múltiples desbordamientos de búfer en Cscope anterior a versión 15.7a, permiten a los atacantes remotos ejecutar código arbitrario por medio de cadenas largas en entradas como (1) tokens de código fuente y (2) nombres de r... • http://lists.apple.com/archives/security-announce/2009/May/msg00002.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2006-4262 – cscope: multiple buffer overflows
https://notcve.org/view.php?id=CVE-2006-4262
23 Aug 2006 — Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument. Múltiples desbordamientos de búfer en cscope 15.5 y anetriores permiten a at... • http://secunia.com/advisories/21601 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 21EXPL: 3CVE-2004-0996 – Cscope 13.0/15.x - Insecure Temporary File Creation
https://notcve.org/view.php?id=CVE-2004-0996
01 Dec 2004 — main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. main.c de cscope 15-4 y 15-5 crea ficheros temporales con nombres predecibles, lo que permite a usuarios locales sobreescribir ficheros de su elección mediante un ataque de enlaces simbólicos. • https://www.exploit-db.com/exploits/24750 •