Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2011-1095

Опубликовано: 10 апр. 2011
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 6.2

Описание

locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.

РелизСтатусПримечание
dapper

DNE

devel

not-affected

2.13-0ubuntu13
hardy

DNE

karmic

ignored

end of life
lucid

released

2.11.1-0ubuntu7.10
maverick

released

2.12.1-0ubuntu10.4
natty

not-affected

2.13-0ubuntu13
oneiric

not-affected

2.13-0ubuntu13
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

ignored

end of life
devel

DNE

hardy

released

2.7-10ubuntu8.1
karmic

DNE

lucid

DNE

maverick

DNE

natty

DNE

oneiric

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 26%
0.00087
Низкий

6.2 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2011-1095

redhat
около 15 лет назад

locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.

nvd логотип

CVE-2011-1095

nvd
больше 14 лет назад

locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.

debian логотип

CVE-2011-1095

debian
больше 14 лет назад

locale/programs/locale.c in locale in the GNU C Library (aka glibc or ...

github логотип

GHSA-hhjf-9w4x-vhhf

github
больше 3 лет назад

locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.

oracle-oval логотип

ELSA-2011-0413

oracle-oval
больше 14 лет назад

ELSA-2011-0413: glibc security update (IMPORTANT)

EPSS

Процентиль: 26%
0.00087
Низкий

6.2 Medium

CVSS2

Уязвимость CVE-2011-1095