5
CVE-2011-1659
- EPSS 2.86%
- Veröffentlicht 08.04.2011 15:17:28
- Zuletzt bearbeitet 16.06.2026 23:29:45
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.86% | 0.849 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
http://secunia.com/advisories/46397
http://www.securityfocus.com/archive/1/520102/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
http://code.google.com/p/chromium/issues/detail?id=48733
http://www.mandriva.com/security/advisories?name=MDVSA-2011:178
http://scarybeastsecurity.blogspot.com/2011/02/i-got-accidental-code-execution-via.html
https://bugzilla.redhat.com/show_bug.cgi?id=681054
http://secunia.com/advisories/44353
http://sourceware.org/bugzilla/show_bug.cgi?id=12583
http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=8126d90480fa3e0c5c5cd0d02cb1c93174b45485
http://www.mandriva.com/security/advisories?name=MDVSA-2011:179
http://www.securitytracker.com/id?1025450
https://exchange.xforce.ibmcloud.com/vulnerabilities/66819