Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2011-0524 at MITRE


Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 allow local users to cause a denial of service (crash) via unspecified vectors related to the sprintf function.
CVSS v2 Scores
  National Vulnerability Database
Base Score 2.11
Vector AV:L/AC:L/Au:N/C:N/I:N/A:P
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial

SUSE information

SUSE Bugzilla entry: 666839 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 11.4
  • gypsy >= 0.8-5.1
  • gypsy-debuginfo >= 0.8-5.1
  • gypsy-debugsource >= 0.8-5.1
  • libgypsy-devel >= 0.8-5.1
  • libgypsy0 >= 0.8-5.1
  • libgypsy0-debuginfo >= 0.8-5.1