Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2009-0148

Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as (1) source-code tokens and (2) pathnames, related to integer overflows in some cases. NOTE: this issue exists because of an incomplete fix for CVE-2004-2541.

  • Published: May 5, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2009-0148
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
cscope / cscope 15.6 15.6.x
cscope / cscope 15.0bl2 15.0bl2.x
cscope / cscope 15.5 15.5.x
cscope / cscope 15.3 15.3.x
cscope / cscope 13.0 13.0.x
cscope / cscope 15.1 15.1.x
cscope / cscope 15.4 15.4.x
cscope / cscope 15.7 15.7.x