Vulnerability & Exploit Database

Displaying entries 1 - 10 of 11 in total

Results for: CVE-2015-1472 Back to search

SUSE: CVE-2015-5154: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: July 27, 2015

Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the container has a CDROM drive enabled, allows local guest users to execute arbitrary code on the host via unspecified ATAPI commands.

RHSA-2015:2589: glibc security update Vulnerability

  • Severity: 8
  • Published: April 08, 2015

The glibc packages provide the standard C libraries (libc), POSIX threadlibraries (libpthread), standard math libraries (libm), and the NameServer Caching Daemon (nscd) used by multiple programs on the system.Without these libraries, the Linux system cannot function correctly.It was discovered that the nss_files backend for the Name Serv...

RHSA-2015:2199: glibc security, bug fix, and enhancement update Vulnerability

  • Severity: 8
  • Published: April 08, 2015

The glibc packages provide the standard C libraries (libc), POSIX threadlibraries (libpthread), standard math libraries (libm), and the Name ServerCaching Daemon (nscd) used by multiple programs on the system.Without these libraries, the Linux system cannot function correctly.It was discovered that, under certain circumstances, glibc's g...

ELSA-2015-2199 Moderate: Oracle Linux glibc security, bug fix, and enhancement update Vulnerability

  • Severity: 8
  • Published: April 08, 2015

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters tha...

Gentoo Linux: CVE-2015-1472: GNU C Library: Multiple vulnerabilities Vulnerability

  • Severity: 8
  • Published: April 08, 2015

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters tha...

Amazon Linux AMI: Security patch for glibc (ALAS-2015-617) (multiple CVEs) Vulnerability

  • Severity: 8
  • Published: April 08, 2015

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters tha...

SUSE: CVE-2015-1472: SUSE Linux Security Advisory Vulnerability

  • Severity: 8
  • Published: March 05, 2015

The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters tha...

USN-2519-1: GNU C Library vulnerabilities Vulnerability

  • Severity: 8
  • Published: February 24, 2015

The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.

DSA-3169-1 eglibc -- security update Vulnerability

  • Severity: 8
  • Published: February 24, 2015

The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process.

Cent OS: CVE-2012-2313: CESA-2012:1304 (kernel) Vulnerability

  • Severity: 1
  • Published: June 13, 2012

The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.