CVE-2010-1620

Integer overflow in the load_iface function in Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 might allow context-dependent attackers to execute arbitrary code via a (1) file or (2) socket that provides configuration data with many entries, leading to a heap-based buffer overflow.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
VendorProductVersion
gnustepgnustep_base
𝑥
≤ 1.19.3
gnustepgnustep_base
1.11.2
gnustepgnustep_base
1.12.0
gnustepgnustep_base
1.13.0
gnustepgnustep_base
1.14.0
gnustepgnustep_base
1.15.0
gnustepgnustep_base
1.15.1
gnustepgnustep_base
1.15.2
gnustepgnustep_base
1.15.4
gnustepgnustep_base
1.17.0
gnustepgnustep_base
1.18.0
gnustepgnustep_base
1.19.0
gnustepgnustep_base
1.19.1
gnustepgnustep_base
1.19.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gnustep-base
bullseye
1.27.0-3
fixed
lenny
no-dsa
bookworm
1.28.1+really1.28.0-5
fixed
sid
1.30.0-8
fixed
trixie
1.30.0-8
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gnustep-base
yakkety
not-affected
xenial
not-affected
wily
ignored
vivid
ignored
utopic
ignored
trusty
dne
saucy
ignored
raring
ignored
quantal
ignored
precise
not-affected
oneiric
ignored
natty
ignored
maverick
ignored
lucid
ignored
karmic
ignored
jaunty
ignored
hardy
ignored
dapper
ignored
Common Weakness Enumeration
References
http://ftpmain.gnustep.org/pub/gnustep/core/gnustep-base-1.20.0.tar.gz
http://marc.info/?l=oss-security&m=127324274005709&w=2
http://marc.info/?l=oss-security&m=127325778527537&w=2
http://savannah.gnu.org/bugs/?29755
http://secunia.com/advisories/39746
http://thread.gmane.org/gmane.comp.lib.gnustep.bugs/12336
https://bugs.launchpad.net/ubuntu/+source/gnustep-base/+bug/573108
http://ftpmain.gnustep.org/pub/gnustep/core/gnustep-base-1.20.0.tar.gz
http://marc.info/?l=oss-security&m=127324274005709&w=2
http://marc.info/?l=oss-security&m=127325778527537&w=2
http://savannah.gnu.org/bugs/?29755
http://secunia.com/advisories/39746
http://thread.gmane.org/gmane.comp.lib.gnustep.bugs/12336
https://bugs.launchpad.net/ubuntu/+source/gnustep-base/+bug/573108