VDB
CVE-2013-4237
CVE-2013-4237
PUBLISHED
Reported by redhat · Published October 9, 2013
sysdeps/posix/readdir_r.c in the GNU C Library (aka glibc or libc6) 2.18 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted (1) NTFS or (2) CIFS image.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | *, n/a |
Timeline
- Oct 9, 2013 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- 55113 third-party-advisoryx_refsource_SECUNIA
- [oss-security] 20130812 Re: CVE Request -- glibc: Buffer overwrite when using readdir_r on file systems returning file names longer than NAME_MAX characters mailing-listx_refsource_MLIST
- USN-1991-1 vendor-advisoryx_refsource_UBUNTU
- x_refsource_CONFIRM
- GLSA-201503-04 vendor-advisoryx_refsource_GENTOO
- x_refsource_CONFIRM
- 61729 vdb-entryx_refsource_BID
- x_refsource_CONFIRM
- MDVSA-2013:283 vendor-advisoryx_refsource_MANDRIVA