CVE-2011-1659
Published: Apr 8, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071.
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
https://bugzilla.redhat.com/show_bug.cgi?id=681054
x_refsource_CONFIRM
20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console
mailing-list
x_refsource_BUGTRAQ
46397
third-party-advisory
x_refsource_SECUNIA
44353
third-party-advisory
x_refsource_SECUNIA
1025450
vdb-entry
x_refsource_SECTRACK
gnuclibrary-fnmatch-dos(66819)
vdb-entry
x_refsource_XF
MDVSA-2011:178
vendor-advisory
x_refsource_MANDRIVA
http://www.vmware.com/security/advisories/VMSA-2011-0012.html
x_refsource_CONFIRM
http://code.google.com/p/chromium/issues/detail?id=48733
x_refsource_MISC
MDVSA-2011:179
vendor-advisory
x_refsource_MANDRIVA
http://sourceware.org/bugzilla/show_bug.cgi?id=12583
x_refsource_CONFIRM