QwikSec

Security Database

CVE

CWE

Training

CVE-2016-10228

Published: Mar 2, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

The iconv program in the GNU C Library (aka glibc or libc6) 2.31 and earlier, when invoked with multiple suffixes in the destination encoding (TRANSLATE or IGNORE) along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

vendor-advisory

[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar

mailing-list

https://www.oracle.com/security-alerts/cpuapr2022.html

https://sourceware.org/bugzilla/show_bug.cgi?id=19519

http://openwall.com/lists/oss-security/2017/03/01/10

https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21

https://sourceware.org/bugzilla/show_bug.cgi?id=26224

[debian-lts-announce] 20221017 [SECURITY] [DLA 3152-1] glibc security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.