Описание
The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-infra-legacy/trusty | released | 8.21-1ubuntu5.1 |
| lucid | released | 7.4-2ubuntu3.1 |
| precise | released | 8.13-3ubuntu3.3 |
| trusty | released | 8.21-1ubuntu5.1 |
| trusty/esm | released | 8.21-1ubuntu5.1 |
| upstream | released | 8.23-1 |
| utopic | not-affected | 8.23-2ubuntu3 |
Показывать по
Ссылки на источники
EPSS
7.5 High
CVSS2
Связанные уязвимости
The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command.
The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command.
The parse_datetime function in GNU coreutils allows remote attackers t ...
The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command.
EPSS
7.5 High
CVSS2