Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-1071HistoryApr 08, 2011 - 3:17 p.m.
CVE-2011-1071
2011-04-0815:17:27
Debian Security Bug Tracker
security-tracker.debian.org
26
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.022
Percentile
89.6%
The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a “stack extension attack,” a related issue to CVE-2010-2898, CVE-2010-1917, and CVE-2007-4782, as originally reported for use of this library by Google Chrome.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | glibc | < 2.11.2-12 | glibc_2.11.2-12_all.deb |
| Debian | 11 | all | glibc | < 2.11.2-12 | glibc_2.11.2-12_all.deb |
| Debian | 999 | all | glibc | < 2.11.2-12 | glibc_2.11.2-12_all.deb |
| Debian | 13 | all | glibc | < 2.11.2-12 | glibc_2.11.2-12_all.deb |
Related
ubuntucve
ubuntucve
f5
f5
SOL15885 - GNU C Library vulnerability CVE-2011-1071
2014-11-27 00:00:00
K15885 : GNU C Library vulnerability CVE-2011-1071
2015-06-13 00:00:00
K09408132 : glibc vulnerability CVE-2011-1659
2016-08-18 00:00:00
cve
cve
nvd
nvd
prion
prion
Design/Logic Flaw
2011-04-08 15:17:00
Design/Logic Flaw
2010-07-28 20:00:00
Design/Logic Flaw
2010-05-12 11:46:00
nessus
nessus
F5 Networks BIG-IP : GNU C Library vulnerability (SOL15885)
2014-11-28 00:00:00
Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : php (SSA:2010-240-04)
2010-08-29 00:00:00
F5 Networks BIG-IP : glibc vulnerability (SOL09408132)
2016-08-19 00:00:00
cvelist
cvelist
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:53:57
Denial Of Service (DoS)
2020-04-10 00:22:29
Arbitrary Code Execution
2020-04-10 00:55:26
debiancve
debiancve
CVE-2010-2898
2010-07-28 20:00:00
CVE-2011-1659
2011-04-08 15:17:28
exploitdb
exploitdb
GNU glibc < 2.12.2 - 'fnmatch()' Stack Corruption
2011-02-25 00:00:00
openvas
openvas
Slackware Advisory SSA:2010-240-04 php
2012-09-11 00:00:00
Slackware: Security Advisory (SSA:2010-240-04)
2012-09-10 00:00:00
Mandriva Update for glibc MDVSA-2011:178 (glibc)
2011-11-28 00:00:00
slackware
slackware
[slackware-security] php
2010-08-28 16:53:00
ibm
ibm
debian
debian
[SECURITY] [DSA-2089-1] New php5 packages fix several vulnerabilities
2010-08-06 05:42:32
securityvulns
securityvulns
[ MDVSA-2011:178 ] glibc
2011-12-04 00:00:00
glibc multiple security vulnerabilities
2011-12-04 00:00:00
PHP multiple security vulnerabilities
2010-05-11 00:00:00
osv
osv
php5 - several vulnerabilities
2010-08-06 00:00:00
centos
centos
php security update
2008-07-16 16:10:52
php security update
2008-07-16 16:15:51
php security update
2010-11-30 12:21:14
oraclelinux
oraclelinux
php security update
2008-07-16 00:00:00
glibc security update
2011-04-04 00:00:00
glibc security update
2011-04-04 00:00:00
redhat
redhat
(RHSA-2008:0582) Moderate: php security update
2008-07-22 00:00:00
(RHSA-2008:0545) Moderate: php security and bug fix update
2008-07-16 00:00:00
(RHSA-2011:0413) Important: glibc security update
2011-04-04 00:00:00
fedora
fedora
[SECURITY] Fedora 12 Update: maniadrive-1.2-22.fc12
2010-08-23 22:08:06
[SECURITY] Fedora 12 Update: php-5.3.3-1.fc12
2010-08-23 22:08:06
[SECURITY] Fedora 13 Update: maniadrive-1.2-22.fc13
2010-08-23 22:00:56
vmware
vmware
VMware ESX third party updates for Service Console packages glibc and dhcp
2011-07-28 00:00:00
VMware ESX third party updates for Service Console packages glibc and dhcp
2011-07-28 00:00:00
gentoo
gentoo
GNU C Library: Multiple vulnerabilities
2013-12-03 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2012-03-09 00:00:00
PHP vulnerabilities
2010-09-20 00:00:00
PHP vulnerabilities
2008-07-23 00:00:00
suse
suse
remote code execution in php4, php5
2008-01-29 14:18:48
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.022
Percentile
89.6%
Related for DEBIANCVE:CVE-2011-1071