Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
History
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) http://www.idirect.net/Partners/~/media/Files/CVE/iDirect-Posted-Common-Vulnerabilities-and-Exposures.pdf - Broken Link, URL Repurposed |
Information
Published : 2015-01-28 19:59
Updated : 2024-02-28 12:20
NVD link : CVE-2015-0235
Mitre link : CVE-2015-0235
CVE.ORG link : CVE-2015-0235
JSON object : View
Products Affected
ibm
- security_access_manager_for_enterprise_single_sign-on
- pureapplication_system
oracle
- vm_virtualbox
- exalogic_infrastructure
- communications_eagle_application_processor
- communications_eagle_lnp_application_processor
- linux
- communications_lsms
- communications_application_session_controller
- communications_policy_management
- communications_user_data_repository
- communications_webrtc_session_controller
- communications_session_border_controller
gnu
- glibc
apple
- mac_os_x
php
- php
debian
- debian_linux
redhat
- virtualization
CWE
CWE-787
Out-of-bounds Write