CVE-2015-0235
Published Jan 28, 2015
Last updated 9 months ago
Overview
- Description
- Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-787
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "66C0FCBE-FCED-4169-AEED-E70F5B34094D",
"versionEndExcluding": "2.18",
"versionStartIncluding": "2.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:communications_application_session_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03E73D34-9239-46F7-9E98-4132964B2CD8",
"versionEndExcluding": "3.7.1"
},
{
"criteria": "cpe:2.3:a:oracle:communications_eagle_application_processor:16.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9FDB6EE-EC5D-44F2-AEA0-0B605D5C6742"
},
{
"criteria": "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D195BC4C-DAC2-4C71-B83B-4149E86B5F42"
},
{
"criteria": "cpe:2.3:a:oracle:communications_lsms:13.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E14AECDA-5C63-40F0-81FF-17BBFA487577"
},
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:9.7.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CFEA80F-FC5D-4DAA-8810-3C26F6D8377F"
},
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:9.9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1C1B1DA1-CB11-42D6-9F28-C1588A7A7D45"
},
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:10.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F696923E-E5AB-4473-B404-A6CCB33B6DB8"
},
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:11.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6234C878-15CE-4B71-B825-DA088554A2FD"
},
{
"criteria": "cpe:2.3:a:oracle:communications_policy_management:12.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE69A446-E765-4141-83F6-B58EA7E3783A"
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11A5042B-79F8-4A86-996A-F56B925AAA05",
"versionEndExcluding": "7.2.0"
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:7.2.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F38C38F-5669-448C-9566-783BEC7AB04B"
},
{
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F59AE20-7B9D-47A5-9E0D-A73F4A0E7D34"
},
{
"criteria": "cpe:2.3:a:oracle:communications_user_data_repository:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D37A84E-1FC0-43B2-A8E5-A8E3B26EF0E0",
"versionEndIncluding": "10.0.1",
"versionStartIncluding": "10.0.0"
},
{
"criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EFDB5ADE-F4DF-4054-8628-5EF6C5DB864B"
},
{
"criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59C4F882-5B42-43E6-9CCC-D2AB23117A7C"
},
{
"criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "726DB59B-00C7-444E-83F7-CB31032482AB"
},
{
"criteria": "cpe:2.3:a:oracle:exalogic_infrastructure:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB059A52-DE6D-47FB-98E8-5A788E1C0FC0"
},
{
"criteria": "cpe:2.3:a:oracle:exalogic_infrastructure:2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D70580AD-2134-49D3-BE15-020023A10E87"
},
{
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "90F6AEA6-D52A-4655-9B89-CE5F8AA21E95",
"versionEndExcluding": "5.1.24"
},
{
"criteria": "cpe:2.3:o:oracle:linux:5:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "62A2AC02-A933-4E51-810E-5D040B476B7B"
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:0:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D1137279-81F0-4F6B-8E91-95590106BADF"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:virtualization:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37BA55FC-D350-4DEB-9802-40AF59C99E79"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC5E0720-43A6-4E46-83B2-A9C228824AB3",
"versionEndExcluding": "10.11.1"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:1.0.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D7AB60B-E38B-42C7-B785-D9520C1F5564"
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:1.1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D657332-C9B9-4E7B-89D9-5AEF3501141A"
},
{
"criteria": "cpe:2.3:a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "575894EE-F13C-4D56-8B63-59A379F63BD2"
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_enterprise_single_sign-on:8.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18430B37-84B3-4B88-A256-7BE9B48A3A52"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82D9C83C-2968-4C63-851D-AE8DBEF02296",
"versionEndExcluding": "5.4.38",
"versionStartIncluding": "5.4.0"
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B70DA5B9-36FC-44F1-A372-4A736D1CB043",
"versionEndExcluding": "5.5.22",
"versionStartIncluding": "5.5.0"
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E88B9450-0A63-4FEA-98FE-AE92F7E54AA9",
"versionEndExcluding": "5.6.6",
"versionStartIncluding": "5.6.0"
}
],
"operator": "OR"
}
]
}
]