Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0242

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2013-0242
Last Modified 03 Jan 2014 11:43:59
Published 08 Feb 2013 03:55:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-0242

Summary

Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters.

Vulnerable Systems

Application

  • Gnu Glibc 2.17


References

XF - glibc-extendbuffers-dos(81707)

SECTRACK - 1028063

BID - 57638

MLIST - [oss-security] 20130130 Re: CVE Request -- glibc: DoS due to a buffer overrun in regexp matcher by processing multibyte characters

MLIST - [libc-alpha] 20130129 [PATCH] Fix buffer overrun in regexp matcher

MISC - http://sourceware.org/bugzilla/show_bug.cgi?id=15078

SECUNIA - 51951

OSVDB - 89747

REDHAT - RHSA-2013:0769

MANDRIVA - MDVSA-2013:163

SECUNIA - 55113

UBUNTU - USN-1991-1

REDHAT - RHSA-2013:1605


Last Updated: 27 May 2016 11:01:49