6.8
CVSSv2

CVE-2015-8982

Published: 15/03/2017 Updated: 17/03/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) prior to 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.

Affected Products

Vendor Product Versions
GnuGlibc2.20

Vendor Advisories

Summary Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 221 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow Affected Products Brocade is investigating its product lines to dete ...
USN-3239-1 introduced a regression in the GNU C Library ...
USN-3239-1 introduced a regression in the GNU C Library ...
Several security issues were fixed in the GNU C Library ...