CVE Vulnerabilities

CVE-2011-1659

Published: Apr 08, 2011 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.

Affected Software

Name Vendor Start Version End Version
Glibc Gnu 2.2.2 2.2.2
Glibc Gnu 2.9 2.9
Glibc Gnu 2.7 2.7
Glibc Gnu 2.1.2 2.1.2
Glibc Gnu 2.11 2.11
Glibc Gnu 2.0.5 2.0.5
Glibc Gnu 2.2.5 2.2.5
Glibc Gnu 2.0.6 2.0.6
Glibc Gnu 2.10.1 2.10.1
Glibc Gnu 1.00 1.00
Glibc Gnu 1.06 1.06
Glibc Gnu 2.1.1 2.1.1
Glibc Gnu 1.02 1.02
Glibc Gnu 2.0.3 2.0.3
Glibc Gnu 1.07 1.07
Glibc Gnu 2.3.1 2.3.1
Glibc Gnu 2.3 2.3
Glibc Gnu 2.12.0 2.12.0
Glibc Gnu 2.0 2.0
Glibc Gnu * 2.13
Glibc Gnu 2.1.1.6 2.1.1.6
Glibc Gnu 1.04 1.04
Glibc Gnu 1.01 1.01
Glibc Gnu 2.3.10 2.3.10
Glibc Gnu 2.4 2.4
Glibc Gnu 2.1 2.1
Glibc Gnu 2.3.4 2.3.4
Glibc Gnu 1.09.1 1.09.1
Glibc Gnu 2.1.9 2.1.9
Glibc Gnu 2.3.3 2.3.3
Glibc Gnu 2.12.1 2.12.1
Glibc Gnu 2.6.1 2.6.1
Glibc Gnu 2.0.1 2.0.1
Glibc Gnu 1.09 1.09
Glibc Gnu 2.10 2.10
Glibc Gnu 2.11.2 2.11.2
Glibc Gnu 2.5.1 2.5.1
Glibc Gnu 2.6 2.6
Glibc Gnu 2.0.4 2.0.4
Glibc Gnu 2.0.2 2.0.2
Glibc Gnu 2.2.1 2.2.1
Glibc Gnu 2.3.2 2.3.2
Glibc Gnu 1.03 1.03
Glibc Gnu 2.1.3.10 2.1.3.10
Glibc Gnu 2.3.6 2.3.6
Glibc Gnu 2.2.3 2.2.3
Glibc Gnu 2.5 2.5
Glibc Gnu 2.11.3 2.11.3
Glibc Gnu 1.08 1.08
Glibc Gnu 2.3.5 2.3.5
Glibc Gnu 2.8 2.8
Glibc Gnu 2.11.1 2.11.1
Glibc Gnu 2.2.4 2.2.4
Glibc Gnu 2.1.3 2.1.3
Glibc Gnu 1.05 1.05
Glibc Gnu 2.2 2.2
Glibc Gnu 2.12.2 2.12.2
Glibc Gnu 2.10.2 2.10.2

References