Home CVE Database CVE-2016-3706

CVE-2016-3706

Description

Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458.

Priority: MEDIUM
CVSS v3: 7.5
Publish Date: Jun 10, 2016
Related ID: --
CVSS v2: High
Modified Date: Jun 10, 2016

Find out more about CVE-2016-3706 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

glibc

Live chat
Online