CVE-2006-4262 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2006-4262 Interim 1 18 2025-11-05T06:25:22Z current 2021-05-30T12:36:35Z 2025-11-05T06:25:22Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2006-4262 Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Linux Enterprise Server 15-ESPOS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Server Business Critical Linux 15 SP1 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Manager Proxy 4.0 SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Manager Retail Branch Server 4.0 SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Manager Server 4.0 SUSE Linux Enterprise Module for Development Tools 15 SP2 openSUSE Tumbleweed cscope cscope-15.6-95.22 cscope-15.9-1.9 cscope-15.9-160000.2.2 cscope-15.9-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 cscope-15.6-95.22 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 cscope-15.9-1.9 as a component of openSUSE Tumbleweed cscope as a component of SUSE CaaS Platform 4.0 cscope as a component of SUSE Enterprise Storage 6 cscope as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS cscope as a component of SUSE Linux Enterprise High Performance Computing 15-LTSS cscope as a component of SUSE Linux Enterprise Module for Development Tools 15 SP2 cscope as a component of SUSE Linux Enterprise Server 15 SP1-LTSS cscope as a component of SUSE Linux Enterprise Server 15-ESPOS cscope as a component of SUSE Linux Enterprise Server 15-LTSS cscope as a component of SUSE Linux Enterprise Server Business Critical Linux 15 SP1 cscope as a component of SUSE Linux Enterprise Server for SAP Applications 15 cscope as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 cscope as a component of SUSE Manager Proxy 4.0 cscope as a component of SUSE Manager Retail Branch Server 4.0 cscope as a component of SUSE Manager Server 4.0 Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument. CVE-2006-4262 SUSE Linux Enterprise Server 16.0:cscope-15.9-160000.2.2 SUSE Linux Enterprise Software Development Kit 11 SP4:cscope-15.6-95.22 openSUSE Tumbleweed:cscope-15.9-1.9 SUSE CaaS Platform 4.0:cscope SUSE Enterprise Storage 6:cscope SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:cscope SUSE Linux Enterprise High Performance Computing 15-LTSS:cscope SUSE Linux Enterprise Module for Development Tools 15 SP2:cscope SUSE Linux Enterprise Server 15 SP1-LTSS:cscope SUSE Linux Enterprise Server 15-ESPOS:cscope SUSE Linux Enterprise Server 15-LTSS:cscope SUSE Linux Enterprise Server Business Critical Linux 15 SP1:cscope SUSE Linux Enterprise Server for SAP Applications 15 SP1:cscope SUSE Linux Enterprise Server for SAP Applications 15:cscope SUSE Manager Proxy 4.0:cscope SUSE Manager Retail Branch Server 4.0:cscope SUSE Manager Server 4.0:cscope moderate 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P