Lucene search
Ubuntu.comUB:CVE-2007-3508HistoryJul 03, 2007 - 12:00 a.m.
CVE-2007-3508
2007-07-0300:00:00
ubuntu.com
ubuntu.com
8
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS
0
Percentile
5.1%
DISPUTED Integer overflow in the process_envvars function in
elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute
arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE:
the glibc maintainers state that they do not believe that this issue is
exploitable for code execution.
Notes
| Author | Note |
|---|---|
| jdstrand | upstream believes this to be unexploitable |
Related
securityvulns
securityvulns
GNU C integer overflow
2007-07-04 00:00:00
[ GLSA 200707-04 ] GNU C Library: Integer overflow
2007-07-04 00:00:00
nessus
nessus
GLSA-200707-04 : GNU C Library: Integer overflow
2007-07-04 00:00:00
prion
prion
Integer overflow
2007-07-03 21:30:00
openvas
openvas
Gentoo Security Advisory GLSA 200707-04 (glibc)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200707-04 (glibc)
2008-09-24 00:00:00
checkpoint_security
checkpoint_security
nvd
nvd
CVE-2007-3508
2007-07-03 21:30:00
debiancve
debiancve
CVE-2007-3508
2007-07-03 21:30:00
cvelist
cvelist
CVE-2007-3508
2007-07-03 21:00:00
gentoo
gentoo
GNU C Library: Integer overflow
2007-07-03 00:00:00
cve
cve
CVE-2007-3508
2007-07-03 21:30:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
EPSS
0
Percentile
5.1%
Related for UB:CVE-2007-3508