Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2011-2702

Опубликовано: 27 окт. 2014
Источник: debian
EPSS Низкий

Описание

Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, or (3) memset-sse2.S in sysdeps/i386/i686/multiarch/, which triggers an out-of-bounds read, as demonstrated using the memcpy function.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
eglibcfixed2.13-10package
eglibcnot-affectedsqueezepackage
glibcnot-affectedpackage

Примечания

  • http://web.archive.org/web/20110824011938/http://www.nodefense.org:80/eglibc.txt

  • fixed well before 2.13-10, but that is the present testing version that was available to check

EPSS

Процентиль: 89%
0.04486
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2011-2702

ubuntu
около 11 лет назад

Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, or (3) memset-sse2.S in sysdeps/i386/i686/multiarch/, which triggers an out-of-bounds read, as demonstrated using the memcpy function.

nvd логотип

CVE-2011-2702

nvd
около 11 лет назад

Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, or (3) memset-sse2.S in sysdeps/i386/i686/multiarch/, which triggers an out-of-bounds read, as demonstrated using the memcpy function.

github логотип

GHSA-r955-5974-3x3p

github
больше 3 лет назад

Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 (SSSE3) optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to (1) memcpy-ssse3-rep.S, (2) memcpy-ssse3.S, or (3) memset-sse2.S in sysdeps/i386/i686/multiarch/, which triggers an out-of-bounds read, as demonstrated using the memcpy function.

EPSS

Процентиль: 89%
0.04486
Низкий