VulnerableCode Package Details - pkg:deb/debian/eglibc@2.13-38%2Bdeb7u10

Search for packages

Vulnerability	Summary	Fixed by
VCID-dw97-gxes-aaar Aliases: CVE-2012-6656	iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-dw97-gxes-aaar
Aliases:
CVE-2012-6656

iconvdata/ibm930.c in GNU C Library (aka glibc) before 2.16 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8.

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
VCID-126p-hwx7-aaab	The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.	CVE-2015-8777
VCID-7mps-j7m8-aaaq	The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.	CVE-2015-8776
VCID-7wat-27ue-aaac	Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.	CVE-2015-8779
VCID-evhs-yhuh-aaac	Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.	CVE-2015-7547
VCID-hmph-8h2t-aaar	DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.	CVE-2014-8121
VCID-mbha-r89p-aaaf	Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.	CVE-2015-1781
VCID-uwgz-2m3w-aaan	Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.	CVE-2015-8778

Vulnerability

Summary

Aliases

VCID-126p-hwx7-aaab

The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER_GUARD environment variable.

CVE-2015-8777

VCID-7mps-j7m8-aaaq

The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.

CVE-2015-8776

VCID-7wat-27ue-aaac

Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long catalog name.

CVE-2015-8779

VCID-evhs-yhuh-aaac

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.

CVE-2015-7547

VCID-hmph-8h2t-aaar

DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.

CVE-2014-8121

VCID-mbha-r89p-aaaf

Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.

CVE-2015-1781

VCID-uwgz-2m3w-aaan

Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the __hcreate_r function, which triggers out-of-bounds heap-memory access.

CVE-2015-8778

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-06-21T09:26:06.938660+00:00	Debian Oval Importer	Fixing	VCID-uwgz-2m3w-aaan	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.3
2025-06-21T09:09:04.630897+00:00	Debian Oval Importer	Fixing	VCID-7mps-j7m8-aaaq	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.3
2025-06-21T09:06:44.538053+00:00	Debian Oval Importer	Fixing	VCID-126p-hwx7-aaab	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.3
2025-06-21T09:05:23.835274+00:00	Debian Oval Importer	Fixing	VCID-hmph-8h2t-aaar	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.3
2025-06-21T09:00:28.752638+00:00	Debian Oval Importer	Fixing	VCID-mbha-r89p-aaaf	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.3
2025-06-21T08:59:21.179670+00:00	Debian Oval Importer	Fixing	VCID-7wat-27ue-aaac	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.3
2025-06-21T08:59:17.751866+00:00	Debian Oval Importer	Fixing	VCID-evhs-yhuh-aaac	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.3
2025-06-20T19:41:49.118565+00:00	Debian Oval Importer	Affected by	VCID-dw97-gxes-aaar	None	36.1.3
2025-06-20T19:27:01.964111+00:00	Debian Oval Importer	Fixing	VCID-hmph-8h2t-aaar	None	36.1.3
2025-06-08T03:14:10.963982+00:00	Debian Oval Importer	Fixing	VCID-uwgz-2m3w-aaan	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.0
2025-06-08T02:56:22.672702+00:00	Debian Oval Importer	Fixing	VCID-7mps-j7m8-aaaq	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.0
2025-06-08T02:53:56.129630+00:00	Debian Oval Importer	Fixing	VCID-126p-hwx7-aaab	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.0
2025-06-08T02:52:27.879895+00:00	Debian Oval Importer	Fixing	VCID-hmph-8h2t-aaar	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.0
2025-06-08T02:47:18.867077+00:00	Debian Oval Importer	Fixing	VCID-mbha-r89p-aaaf	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.0
2025-06-08T02:46:06.714821+00:00	Debian Oval Importer	Fixing	VCID-7wat-27ue-aaac	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.0
2025-06-08T02:46:03.247419+00:00	Debian Oval Importer	Fixing	VCID-evhs-yhuh-aaac	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.1.0
2025-06-07T13:35:18.719164+00:00	Debian Oval Importer	Affected by	VCID-dw97-gxes-aaar	None	36.1.0
2025-06-07T13:24:51.426479+00:00	Debian Oval Importer	Fixing	VCID-hmph-8h2t-aaar	None	36.1.0
2025-06-03T13:24:08.612749+00:00	Debian Oval Importer	Fixing	VCID-hmph-8h2t-aaar	None	36.1.2
2025-04-08T01:41:33.638594+00:00	Debian Oval Importer	Fixing	VCID-uwgz-2m3w-aaan	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.0.0
2025-04-08T01:23:35.256085+00:00	Debian Oval Importer	Fixing	VCID-7mps-j7m8-aaaq	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.0.0
2025-04-08T01:21:09.799033+00:00	Debian Oval Importer	Fixing	VCID-126p-hwx7-aaab	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.0.0
2025-04-08T01:19:43.417769+00:00	Debian Oval Importer	Fixing	VCID-hmph-8h2t-aaar	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.0.0
2025-04-08T01:14:28.750131+00:00	Debian Oval Importer	Fixing	VCID-mbha-r89p-aaaf	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.0.0
2025-04-08T01:13:18.297985+00:00	Debian Oval Importer	Fixing	VCID-7wat-27ue-aaac	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.0.0
2025-04-08T01:13:14.738640+00:00	Debian Oval Importer	Fixing	VCID-evhs-yhuh-aaac	https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2	36.0.0
2025-04-07T12:10:45.422864+00:00	Debian Oval Importer	Affected by	VCID-dw97-gxes-aaar	None	36.0.0
2025-04-07T12:00:22.086553+00:00	Debian Oval Importer	Fixing	VCID-hmph-8h2t-aaar	None	36.0.0