CVE-2011-1071 in C Library정보

요약

\~에 의해 MITRE

The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

출처

Interested in the pricing of exploits?

See the underground prices here!