Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2009-5029
Description:Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.
Test IDs: 1.3.6.1.4.1.25623.1.0.71964   1.3.6.1.4.1.25623.1.0.863688   1.3.6.1.4.1.25623.1.0.850275   1.3.6.1.4.1.25623.1.1.4.2013.1287.1   1.3.6.1.4.1.25623.1.1.4.2012.0033.1   1.3.6.1.4.1.25623.1.1.4.2012.0055.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-5029
http://lists.grok.org.uk/pipermail/full-disclosure/2011-December/084452.html
http://dividead.wordpress.com/2009/06/01/glibc-timezone-integer-overflow/
http://sourceware.org/git/?p=glibc.git;a=commit;h=97ac2654b2d831acaa18a2b018b0736245903fd2
http://sourceware.org/ml/libc-alpha/2011-12/msg00037.html




© 1998-2024 E-Soft Inc. All rights reserved.