CVE-2006-0459
Summary
| CVE | CVE-2006-0459 |
|---|---|
| State | PUBLISHED |
| Assigner | redhat |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-03-29 23:02:00 UTC |
| Updated | 2025-04-03 01:03:51 UTC |
| Description | flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependent attackers to execute arbitrary code. |
Risk And Classification
Primary CVSS: v2.0 7.5 from [email protected]
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 0.039700000 probability, percentile 0.883960000 (date 2026-04-19)
Problem Types: CWE-119 | n/a
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:N/AC:L/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| USN-260-1: flex vulnerability | Ubuntu security notices | af854a3a-2127-422b-91ae-364da2661108 | usn.ubuntu.com | Third Party Advisory |
| Gentoo update for flex - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| www.us.debian.org/security/2006/dsa-1020 | af854a3a-2127-422b-91ae-364da2661108 | www.us.debian.org | Patch, Vendor Advisory |
| SecurityReason | af854a3a-2127-422b-91ae-364da2661108 | securityreason.com | Third Party Advisory |
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | VDB Entry |
| Gentoo Linux Documentation -- flex: Potential insecure code generation | af854a3a-2127-422b-91ae-364da2661108 | www.gentoo.org | Third Party Advisory |
| www.osvdb.org/23440 | af854a3a-2127-422b-91ae-364da2661108 | www.osvdb.org | Broken Link, Patch |
| Flex Code Generation Buffer Overflow Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | Patch, Third Party Advisory, VDB Entry |
| flex: the fast lexical analyser - Browse Files at SourceForge.net | af854a3a-2127-422b-91ae-364da2661108 | prdownloads.sourceforge.net | Product |
| Ubuntu update for flex / gpc - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| Webmail - OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | Broken Link, URL Repurposed |
| flex: the fast lexical analyser / Thread: [Flex-announce] flex 2.5.33 released | af854a3a-2127-422b-91ae-364da2661108 | sourceforge.net | Release Notes |
| Secunia - Advisories - Flex Generated C Parsers Buffer Overflow Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Patch, Vendor Advisory |
| Secunia - Advisories - Debian update for flex | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Patch, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
| Organization | Published | Contributor | Statement |
|---|---|---|---|
| Red Hat | 2006-08-16 | Mark J Cox | This issue only affects parsers which are generated by grammars which either use REJECT or rules with a variable trailing context (in these rules the parser has to keep all backtracking paths). The Red Hat Security Response Team analysed all packages that include flex generated parsers in Red Hat Enterprise Linux (2.1, 3, and 4) and found none were vulnerable. |
There are currently no legacy QID mappings associated with this CVE.