Gentoo Linux Security Advisory GLSA 200905-02 - Multiple vulnerabilities in Cscope might allow for the remote execution of arbitrary code. James Peach of Apple discovered a stack-based buffer overflow in cscope's handling of long file system paths. Multiple stack-based buffer overflows were reported in the putstring function when processing an overly long function name or symbol in a source code file. Versions earlier than 15.7a are affected.
39a53c2338b13f7e41e4b96a38233fde0baf0ae4df73e52902baff339b347135
Debian Security Advisory 1806-1 - Matt Murphy discovered that cscope, a source code browsing tool, does not verify the length of file names sourced in include statements, which may lead to the execution of arbitrary code through specially crafted source code files.
590b7b56f51b92b716841c881d2dc6ed98216cc086adc0ad81629be53ea6274b