7.5
CVE-2010-3441
- EPSS 5.85%
- Veröffentlicht 18.02.2011 17:00:34
- Zuletzt bearbeitet 16.06.2026 23:22:46
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote attackers to execute arbitrary code via (1) a crafted input file, related to the PUT0 and PUT1 output macros; (2) a crafted input file, related to the trim_title function; and possibly (3) a long -O option on a command line.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fedoraproject ≫ Fedora Version14
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.85% | 0.922 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577014
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054015.html
http://moinejf.free.fr/abcm2ps-5.txt
http://secunia.com/advisories/39345
http://secunia.com/advisories/43338
http://www.openwall.com/lists/oss-security/2010/04/08/5
http://www.openwall.com/lists/oss-security/2010/04/08/6
http://www.openwall.com/lists/oss-security/2010/04/08/7
http://www.securityfocus.com/bid/39271
http://www.vupen.com/english/advisories/2011/0390
https://bugzilla.redhat.com/show_bug.cgi?id=580435