VDB
GCVE-110-MAGEIA-2016-351
GCVE-110-MAGEIA-2016-351
Advisory Published
In c-ares before 1.12.0, When a string is passed in to 'ares_create_query'
or 'ares_mkquery' and uses an escaped trailing dot, like "hello\.", c-ares
calculates the string length wrong and subsequently writes outside of the
the allocated buffer with one byte. The wrongly written byte is the least
significant byte of the 'dnsclass' argument; most commonly 1
(CVE-2016-5180).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | c-ares | 1.10.0-5.1.mga5 (unaffected), 0 (affected) | — |
Aliases
Browse GCVE Records
72,580 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.