CVE-2011-1659 in C Libraryinfo

Summary

Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

04/08/2011

Disclosure

04/08/2011

Moderation

VulDB entry created

Entries

VDB-57029 (1)

CPE

ready

CWE

CWE-189 (Confirmed)

CVSS

5.3

EPSS

0.02476

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-1659
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-1659
CVE Details	https://www.cvedetails.com/cve/CVE-2011-1659/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!