5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
glibc is vulnerable to arbitrary code execution. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library loaded ELF (Executable and Linking Format) files. If a carefully-crafted ELF file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
drosenbe.blogspot.com/2010/05/integer-overflow-in-ldso-cve-2010-0830.html
frugalware.org/security/662
secunia.com/advisories/39900
security.gentoo.org/glsa/glsa-201011-01.xml
securitytracker.com/id?1024044
sourceware.org/git/?p=glibc.git;a=commit;h=db07e962b6ea963dbb345439f6ab9b0cf74d87c5
www.debian.org/security/2010/dsa-2058
www.mandriva.com/security/advisories?name=MDVSA-2010:111
www.mandriva.com/security/advisories?name=MDVSA-2010:112
www.securityfocus.com/bid/40063
www.ubuntu.com/usn/USN-944-1
www.vupen.com/english/advisories/2010/1246
access.redhat.com/errata/RHSA-2012:0126
access.redhat.com/security/updates/classification/#moderate
exchange.xforce.ibmcloud.com/vulnerabilities/58915
lists.opensuse.org/opensuse-security-announce/2010-10/msg00007.html