Home > Vulnerability Database > CVE-2006-4262

Mend.io Vulnerability Database

CVE-2006-4262

Date: August 23, 2006

Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument.

Severity Score

5.6

Related Resources (20)

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-4262

Url: http://www.redhat.com/support/errata/RHSA-2009-1101.html

Url: http://www.debian.org/security/2006/dsa-1186

Url: http://www.vupen.com/english/advisories/2006/3374

Url: http://www.securityfocus.com/bid/19687

Url: http://sourceforge.net/mailarchive/forum.php?thread_id=30266761&forum_id=33500

Url: http://sourceforge.net/mailarchive/forum.php?thread_id=30266760&forum_id=33500

Url: http://www.securityfocus.com/bid/19686

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2006-4262

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/28546

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9661

Url: http://www.osvdb.org/28135

Url: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=203645

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/28545

Url: http://secunia.com/advisories/22515

Url: http://secunia.com/advisories/21601

Url: http://secunia.com/advisories/22239

Url: http://security.gentoo.org/glsa/glsa-200610-08.xml

Url: http://www.osvdb.org/28136

Url: https://www.mend.io/vulnerability-database/CVE-2006-4262

Severity Score

5.6

Weakness Type (CWE)

Buffer Errors

CWE-119

CVSS v3.1

Base Score:	5.6
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

CVSS v2

Base Score:	5.1
Access Vector (AV):	NETWORK
Access Complexity (AC):	HIGH
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2006-4262

Date: August 23, 2006

Severity Score

Related Resources (20)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?