CVE-2017-1000409

Published Feb 1, 2018

Last updated 6 years ago

Overview

Description
A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LD_LIBRARY_PATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.
Source
cve@mitre.org
NVD status
Modified

Risk scores

CVSS 3.0

Type
Primary
Base score
7
Impact score
5.9
Exploitability score
1
Vector string
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

CVSS 2.0

Type
Primary
Base score
6.9
Impact score
10
Exploitability score
3.4
Vector string
AV:L/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov
CWE-119

Social media

Hype score
Not currently trending

Configurations