CVE-2013-7424
published 2015-08-26CVE-2013-7424: The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of…
medium5.1CVSS 3.1
AVNACHAuNCPIPAP
The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly execute arbitrary code via unspecified vectors, as demonstrated by an internationalized domain name to ping6.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | glibc | < glibc 2.15-1 (bookworm) | glibc 2.15-1 (bookworm) |
| gnu | glibc | <= 2.14.1 | — |
| gnu | glibc | >= 0 < 2.15-1 | 2.15-1 |
| gnu | glibc | >= 0 < 2.15-1 | 2.15-1 |
| gnu | glibc | >= 0 < 2.15-1 | 2.15-1 |
| gnu | glibc | >= 0 < 2.15-1 | 2.15-1 |
CVSS provenance
nvd5.1MEDIUMAV:N/AC:H/Au:N/C:P/I:P/A:P
osv5.1MEDIUM