Lucene search

K
ubuntucveUbuntu.comUB:CVE-2013-4332
HistoryOct 09, 2013 - 12:00 a.m.

CVE-2013-4332

2013-10-0900:00:00
ubuntu.com
ubuntu.com
19

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

EPSS

0.002

Percentile

61.9%

Multiple integer overflows in malloc/malloc.c in the GNU C Library (aka
glibc or libc6) 2.18 and earlier allow context-dependent attackers to cause
a denial of service (heap corruption) via a large value to the (1) pvalloc,
(2) valloc, (3) posix_memalign, (4) memalign, or (5) aligned_alloc
functions.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarcheglibc< 2.11.1-0ubuntu7.13UNKNOWN
ubuntu12.04noarcheglibc< 2.15-0ubuntu10.5UNKNOWN
ubuntu12.10noarcheglibc< 2.15-0ubuntu20.2UNKNOWN
ubuntu13.04noarcheglibc< 2.17-0ubuntu5.1UNKNOWN

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

EPSS

0.002

Percentile

61.9%