Описание
Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 2.13-24ubuntu1 |
| hardy | DNE | |
| lucid | released | 2.11.1-0ubuntu7.10 |
| maverick | released | 2.12.1-0ubuntu10.4 |
| natty | released | 2.13-0ubuntu13.1 |
| oneiric | released | 2.13-20ubuntu5.1 |
| upstream | released | 2.13-24 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | released | 2.7-10ubuntu8.1 |
| lucid | DNE | |
| maverick | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| upstream | needs-triage |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
Integer overflow in the __tzfile_read function in glibc before 2.15 al ...
Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
ELSA-2012-0058: glibc security and bug fix update (MODERATE)
EPSS
6.8 Medium
CVSS2