5

CVE-2011-1659

Exploit

Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.

Data is provided by the National Vulnerability Database (NVD)
GnuGlibc Version <= 2.13
GnuGlibc Version1.00
GnuGlibc Version1.01
GnuGlibc Version1.02
GnuGlibc Version1.03
GnuGlibc Version1.04
GnuGlibc Version1.05
GnuGlibc Version1.06
GnuGlibc Version1.07
GnuGlibc Version1.08
GnuGlibc Version1.09
GnuGlibc Version1.09.1
GnuGlibc Version2.0
GnuGlibc Version2.0.1
GnuGlibc Version2.0.2
GnuGlibc Version2.0.3
GnuGlibc Version2.0.4
GnuGlibc Version2.0.5
GnuGlibc Version2.0.6
GnuGlibc Version2.1
GnuGlibc Version2.1.1
GnuGlibc Version2.1.1.6
GnuGlibc Version2.1.2
GnuGlibc Version2.1.3
GnuGlibc Version2.1.3.10
GnuGlibc Version2.1.9
GnuGlibc Version2.2
GnuGlibc Version2.2.1
GnuGlibc Version2.2.2
GnuGlibc Version2.2.3
GnuGlibc Version2.2.4
GnuGlibc Version2.2.5
GnuGlibc Version2.3
GnuGlibc Version2.3.1
GnuGlibc Version2.3.2
GnuGlibc Version2.3.3
GnuGlibc Version2.3.4
GnuGlibc Version2.3.5
GnuGlibc Version2.3.6
GnuGlibc Version2.3.10
GnuGlibc Version2.4
GnuGlibc Version2.5
GnuGlibc Version2.5.1
GnuGlibc Version2.6
GnuGlibc Version2.6.1
GnuGlibc Version2.7
GnuGlibc Version2.8
GnuGlibc Version2.9
GnuGlibc Version2.10
GnuGlibc Version2.10.1
GnuGlibc Version2.10.2
GnuGlibc Version2.11
GnuGlibc Version2.11.1
GnuGlibc Version2.11.2
GnuGlibc Version2.11.3
GnuGlibc Version2.12.0
GnuGlibc Version2.12.1
GnuGlibc Version2.12.2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 2.48% 0.846
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P