MiracleLinux 7 : glibc-2.17-105.el7 (AXSA:2015-569:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-569:01 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as t...

K16366: GNU C Library (glibc) vulnerability CVE-2015-1472

Security Advisory Description stdio-common/vfscanf.c has an ADDW macro that tries to determine whether to use malloc or alloca for allocations. But in the malloc case, it only allocates newsize bytes instead of the required newsize sizeof CHART. Thus the allocated buffer gets overrun in the...

Mageia: Security Advisory (MGASA-2015-0072)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in GNU C Library Affect Power Hardware Management Console (CVE-2013-7423, CVE-2014-7817, CVE-2014-9402, CVE-2015-1472)

Summary GNU C Library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2013-7423 DESCRIPTION:The senddg function in resolv/ressend.c in GNU C Library aka glibc or libc6 before 2.20 does not properly reuse file descriptors,...

SUSE: Security Advisory (SUSE-SU-2015:0439-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0551-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2019-1552)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in GNU C Library (glibc), OpenSSL and NTP affect IBM Flex System Chassis Management Module (CMM)

Summary Vulnerabilities in GNU C Library glibc, OpenSSL and NTP affect IBM Flex System Chassis Management Module. IBM Flex System Chassis Management Module has addressed the CVEs listed below. Vulnerability Details Summary Vulnerabilities in GNU C Library glibc, OpenSSL and NTP affect IBM Flex...

Security Bulletin: IBM BladeCenter Advanced Management Module is affected by glibc vulnerabilities (CVE-2015-1472, CVE-2013-7423, CVE-2014-7817, and CVE-2014-9402)

Summary Security vulnerabilities in glibc affect IBM BladeCenter Advanced Management Module AMM. Vulnerability Details Summary Security vulnerabilities in glibc affect IBM BladeCenter Advanced Management Module AMM. Vulnerability Details: CVE-ID: CVE-2013-7423 Description: GNU glibc could allow a...

Scientific Linux Security Update : glibc on SL7.x x86_64 (20151119)

It was discovered that, under certain circumstances, glibc's getaddrinfo function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application...

Amazon Linux: Security Advisory (ALAS-2015-617)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 7 : glibc (CESA-2015:2199)

Updated glibc packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

RedHat Update for glibc RHSA-2015:2199-07

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: glibc security, bug fix, and enhancement update

Updated glibc packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

SUSE SLED12 / SLES12 Security Update : glibc (SUSE-SU-2015:0526-1)

glibc has been updated to fix four security issues. These security issues were fixed : - CVE-2014-7817: The wordexp function in GNU C Library aka glibc 2.21 did not enforce the WRDENOCMD flag, which allowed context-dependent attackers to execute arbitrary commands, as demonstrated by input...

CVE-2015-1472

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a lo...

CVE-2015-1472

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a lo...

BELL-CVE-2015-1472 CVE-2015-1472 does not affect BellSoft software

Bulletin has no description...

CVE-2015-1472

CVE-2015-1472 affects the GNU C Library (glibc) prior to 2.21. The ADDW macro in stdio-common/vfscanf.c can miscalculate allocation size, leading to buffer overflows in wide-character handling during wscanf, enabling context-dependent denial of service and potentially other impact. Affected compo...

CVE-2015-1472

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a lo...