CVE-2011-1071 in C Libraryinformazioni

Riassunto

di MITRE

The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Prenotare

24/02/2011

Divulgazione

08/04/2011

Moderazione

accettato

CPE

pronto

Sfruttamento

Scaricare

EPSS

0.14323

KEV

no

Attività

molto basso

Fonti

Do you know our Splunk app?

Download it now for free!