stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HGnu Glibc
APPGnu≤ 2.27Netapp Data Ontap Edge
APPNetappwszystkie wersjeNetapp Element Software Management
APPNetappwszystkie wersjeOracle Communications Session Border Controller
APPOracle8.0.08.1.08.2.0Oracle Enterprise Communications Broker
APPOracle3.0.03.1.0Red Hat Enterprise Linux Desktop
OSRedhat7.0Red Hat Enterprise Linux Server
OSRedhat7.0Red Hat Enterprise Linux Workstation
OSRedhat7.0Red Hat Virtualization Host
APPRedhat4.0
Powiązane podatności
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the s...
Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier allows remote attackers to execute arbi...
Adobe Flash Player 21.0.0.226 and earlier allows remote attackers to execute arbitrary code via unspecified ve...
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 ...