Glibc@2.17 Security Vulnerabilities and Issues — Glibc@2.17 CVE List

Lucene search

GnuGlibc2.17

7 matches found

CVE•added 2016/02/18 9:59 p.m.•255 views

CVE-2015-7547

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a...

8.1CVSS8.4AI score0.93421EPSS

CVE•added 2013/12/12 6:55 p.m.•121 views

CVE-2013-4458

Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library (aka glibc or libc6) 2.18 and earlier allows remote attackers to cause a denial of service (crash) via a (1) hostname or (2) IP address that triggers a large number of AF_INET6 address results. N...

5CVSS7.7AI score0.03104EPSS

CVE•added 2014/12/05 4:59 p.m.•119 views

CVE-2014-6040

GNU C Library (aka glibc) before 2.20 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a multibyte character value of "0xffff" to the iconv function when converting (1) IBM933, (2) IBM935, (3) IBM937, (4) IBM939, or (5) IBM1364 encoded data to UTF-8...

5CVSS7.1AI score0.07802EPSS

CVE•added 2013/10/09 10:55 p.m.•100 views

CVE-2013-4332

Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause a denial of service (heap corruption) via a large value to the (1) pvalloc, (2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc function...

4.3CVSS7.1AI score0.01634EPSS

CVE•added 2014/07/29 2:55 p.m.•100 views

CVE-2014-0475

Multiple directory traversal vulnerabilities in GNU C Library (aka glibc or libc6) before 2.20 allow context-dependent attackers to bypass ForceCommand restrictions and possibly have other unspecified impact via a .. (dot dot) in a (1) LC_*, (2) LANG, or other locale environment variable.

6.8CVSS8.7AI score0.00307EPSS

CVE•added 2013/02/08 8:55 p.m.•98 views

CVE-2013-0242

Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters.

5CVSS7.5AI score0.02704EPSS

CVE•added 2013/10/09 10:55 p.m.•94 views

CVE-2013-4237

sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted (1) NTFS or (2) CIFS image.

6.8CVSS7.8AI score0.01422EPSS