CVE-2011-1095
published 2011-04-10CVE-2011-1095: locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain…
medium6.2CVSS 3.1
AVLACHAuNCCICAC
locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.
Affected
65 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | glibc | < glibc 2.13-16 (bookworm) | glibc 2.13-16 (bookworm) |
| gnu | glibc | <= 2.12.2 | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
| gnu | glibc | — | — |
CVSS provenance
nvd6.2MEDIUMAV:L/AC:H/Au:N/C:C/I:C/A:C
osv6.2MEDIUM