CVE-2011-1071 in C Libraryinfo

Zusammenfassung

von MITRE

The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservieren

24.02.2011

Veröffentlichung

08.04.2011

Moderieren

akzeptiert

Eintrag

VDB-4308

CPE

bereit

Exploit

Download

EPSS

0.14323

KEV

nein

Aktivitäten

very low

Quellen

Do you need the next level of professionalism?

Upgrade your account now!