Description

Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

Remediation

References

CVE-2015-0235

Related Vulnerabilities

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-17671)

Oracle Database Server Other Vulnerability (CVE-2001-0942)

PHP Other Vulnerability (CVE-2015-2301)

WordPress Plugin Verify Google Webmaster Tools Unspecified Vulnerability (1.3)

Sqlite Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-6590)

Severity

Critical

Classification

CVE-2015-0235 CWE-787

Tags

Missing Update Known Vulnerabilities