|
|
Log in / Subscribe / Register

cscope: arbitrary code execution

Package(s):cscope CVE #(s):CVE-2009-0148
Created:May 25, 2009 Updated:June 19, 2009
Description:

From the Debian advisory:

Matt Murphy discovered that cscope, a source code browsing tool, does not verify the length of file names sourced in include statements, which may potentially lead to the execution of arbitrary code through specially crafted source code files.

Alerts:
CentOS CESA-2009:1102 cscope 2009-06-19
CentOS CESA-2009:1101 cscope 2009-06-16
Red Hat RHSA-2009:1102-01 cscope 2009-06-15
Red Hat RHSA-2009:1101-01 cscope 2009-06-15
Gentoo 200905-02 cscope 2009-05-24
Debian DSA-1806-1 cscope 2009-05-24
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds