CVE-2006-0459
Summary
| CVE | CVE-2006-0459 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-03-29 23:02:00 UTC |
| Updated | 2023-10-06 17:23:00 UTC |
| Description | flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependent attackers to execute arbitrary code. |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Westes | Flex | All | All | All | All |
| Application | Will Estes And John Millaway | Flex | 2.5.30 | All | All | All |
| Application | Will Estes And John Millaway | Flex | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Gentoo Linux Documentation -- flex: Potential insecure code generation | GENTOO | www.gentoo.org | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Flex Code Generation Buffer Overflow Vulnerability | BID | www.securityfocus.com | Patch |
| Secunia - Advisories - Debian update for flex | SECUNIA | secunia.com | Patch, Vendor Advisory |
| flex: the fast lexical analyser / Thread: [Flex-announce] flex 2.5.33 released | MLIST | sourceforge.net | |
| Gentoo update for flex - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| flex: the fast lexical analyser - Browse Files at SourceForge.net | CONFIRM | prdownloads.sourceforge.net | |
| DSA-1020 | DEBIAN | www.us.debian.org | Patch, Vendor Advisory |
| Webmail - OVH | VUPEN | www.vupen.com | |
| Secunia - Advisories - Flex Generated C Parsers Buffer Overflow Vulnerability | SECUNIA | secunia.com | Patch, Vendor Advisory |
| Ubuntu update for flex / gpc - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| 23440 | OSVDB | www.osvdb.org | Patch |
| SecurityReason | SREASON | securityreason.com | |
| USN-260-1: flex vulnerability \| Ubuntu security notices | UBUNTU | usn.ubuntu.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
| Organization | Published | Contributor | Statement |
|---|---|---|---|
| Red Hat | 2006-08-16 | Mark J Cox | This issue only affects parsers which are generated by grammars which either use REJECT or rules with a variable trailing context (in these rules the parser has to keep all backtracking paths). The Red Hat Security Response Team analysed all packages that include flex generated parsers in Red Hat Enterprise Linux (2.1, 3, and 4) and found none were vulnerable. |
There are currently no legacy QID mappings associated with this CVE.