CVE-2018-11236 in Enterprise Session Border Controllerinfo

Summary

stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

05/18/2018

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
133498Oracle Enterprise Session Border Controller glibc integer overflow190Not definedOfficial fixCVE-2018-11236
133497Oracle Enterprise Communications Broker glibc integer overflow190Not definedOfficial fixCVE-2018-11236
133496Oracle Communications Session Border Controller glibc integer overflow190Not definedOfficial fixCVE-2018-11236
117986GNU C Library canonicalize.c realpath integer overflow190Not definedOfficial fixCVE-2018-11236

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!