Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-1000366

Опубликовано: 19 июн. 2017
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.2
CVSS3: 7.8

Описание

glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

released

2.19-0ubuntu6.13
precise/esm

not-affected

2.15-0ubuntu10.20
trusty

released

2.19-0ubuntu6.13
trusty/esm

released

2.19-0ubuntu6.13
upstream

needs-triage

vivid/ubuntu-core

DNE

xenial

DNE

yakkety

DNE

zesty

DNE

Показывать по

РелизСтатусПримечание
devel

released

2.24-12ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/xenial

released

2.23-0ubuntu9
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

needs-triage

vivid/ubuntu-core

released

2.21-0ubuntu4.0.7
xenial

released

2.23-0ubuntu9
yakkety

released

2.24-3ubuntu2.2

Показывать по

Ссылки на источники

EPSS

Процентиль: 92%
0.08164
Низкий

7.2 High

CVSS2

7.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-1000366

CVSS3: 7.4
redhat
больше 8 лет назад

glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.

nvd логотип

CVE-2017-1000366

CVSS3: 7.8
nvd
больше 8 лет назад

glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.

debian логотип

CVE-2017-1000366

CVSS3: 7.8
debian
больше 8 лет назад

glibc contains a vulnerability that allows specially crafted LD_LIBRAR ...

suse-cvrf логотип

openSUSE-SU-2017:1629-1

suse-cvrf
больше 8 лет назад

Security update for glibc

suse-cvrf логотип

SUSE-SU-2017:1621-1

suse-cvrf
больше 8 лет назад

Security update for glibc

EPSS

Процентиль: 92%
0.08164
Низкий

7.2 High

CVSS2

7.8 High

CVSS3

Уязвимость CVE-2017-1000366