PublicDate: 2006-03-29 23:02:00 UTC
Candidate: CVE-2006-0459
References:
 https://ubuntu.com/security/notices/USN-260-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0459
Description:
 flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator
 (flex) before 2.5.33 does not allocate enough memory for grammars
 containing (1) REJECT statements or (2) trailing context rules, which
 causes flex to generate code that contains a buffer overflow that might
 allow context-dependent attackers to execute arbitrary code.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_cyrus21-imapd: released (2.1.18-2ubuntu2)
edgy_cyrus21-imapd: released (2.1.18-2ubuntu2)
feisty_cyrus21-imapd: released (2.1.18-2ubuntu2)
devel_cyrus21-imapd: DNE
dapper_flex: released (2.5.31-38ubuntu1)
edgy_flex: released (2.5.31-38ubuntu1)
feisty_flex: released (2.5.31-38ubuntu1)
devel_flex: released (2.5.31-38ubuntu1)
dapper_xine-lib: released (1.1.1+ubuntu2-7.7)
edgy_xine-lib: released (1.1.2+repacked1-0ubuntu3.4)
feisty_xine-lib: needed
dapper_flex-old: not-affected
edgy_flex-old: not-affected
feisty_flex-old: not-affected
devel_flex-old: not-affected
dapper_gob2: released (2.0.14-1ubuntu1)
edgy_gob2: released (2.0.14-1ubuntu1)
feisty_gob2: released (2.0.14-1ubuntu1)
devel_gob2: released (2.0.14-1ubuntu1)
dapper_gcc-3.3: not-affected
edgy_gcc-3.3: not-affected
feisty_gcc-3.3: not-affected
dapper_gcc-3.4: not-affected
edgy_gcc-3.4: not-affected
feisty_gcc-3.4: not-affected
dapper_xine-extracodecs: released (1.1.1+ubuntu1-2)
edgy_xine-extracodecs: released (1.1.1+ubuntu1-2)
feisty_xine-extracodecs: released (1.1.1+ubuntu1-2)
devel_xine-extracodecs: DNE
upstream_cyrus21-imapd: needs-triage
upstream_flex: needs-triage
upstream_flex-old: needs-triage
upstream_gcc-3.3: needs-triage
upstream_gcc-3.4: needs-triage
upstream_gob2: needs-triage
upstream_xine-extracodecs: needs-triage
upstream_xine-lib: needs-triage