Lucene search

K

MitreCVELIST:CVE-2009-4880

HistoryJun 01, 2010 - 8:00 p.m.

CVE-2009-4880

2010-06-0120:00:00

mitre

www.cve.org

1

6.1 Medium

AI Score

Confidence

Low

0.033 Low

EPSS

Percentile

91.3%

Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-1391.

References

secunia.com/advisories/39900

security.gentoo.org/glsa/glsa-201011-01.xml

securityreason.com/achievement_securityalert/67

sources.redhat.com/bugzilla/show_bug.cgi?id=10600

sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=199eb0de8d673fb23aa127721054b4f1803d61f3

www.debian.org/security/2010/dsa-2058

www.mandriva.com/security/advisories?name=MDVSA-2010:111

www.mandriva.com/security/advisories?name=MDVSA-2010:112

www.securityfocus.com/bid/36443

www.ubuntu.com/usn/USN-944-1

www.vupen.com/english/advisories/2010/1246

bugzilla.redhat.com/show_bug.cgi?id=524671

exchange.xforce.ibmcloud.com/vulnerabilities/59242

6.1 Medium

AI Score

Confidence

Low

0.033 Low

EPSS

Percentile

91.3%

Related for CVELIST:CVE-2009-4880

prion3 debiancve3 cve3 nvd3 ubuntucve3 nessus12 openvas18 osv1 debian2 cvelist2 securityvulns6 seebug1 ubuntu1 gentoo1 suse1