Search for vulnerabilities
Vulnerability details: VCID-aebd-8n2k-aaaa
Vulnerability ID VCID-aebd-8n2k-aaaa
Aliases CVE-2013-0242
Summary Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
rhas Low https://access.redhat.com/errata/RHSA-2013:0769
rhas Moderate https://access.redhat.com/errata/RHSA-2013:1605
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.01160 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.01160 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.01160 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.01160 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02668 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.02704 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
epss 0.04138 https://api.first.org/data/v1/epss?cve=CVE-2013-0242
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=905874
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2013-0242
generic_textual HIGH http://www.vmware.com/security/advisories/VMSA-2014-0008.html
Reference id Reference type URL
http://osvdb.org/89747
http://rhn.redhat.com/errata/RHSA-2013-0769.html
http://rhn.redhat.com/errata/RHSA-2013-1605.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0242.json
https://api.first.org/data/v1/epss?cve=CVE-2013-0242
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0242
http://secunia.com/advisories/51951
http://secunia.com/advisories/55113
https://exchange.xforce.ibmcloud.com/vulnerabilities/81707
http://sourceware.org/bugzilla/show_bug.cgi?id=15078
http://sourceware.org/ml/libc-alpha/2013-01/msg00967.html
https://security.gentoo.org/glsa/201503-04
http://www.mandriva.com/security/advisories?name=MDVSA-2013:163
http://www.openwall.com/lists/oss-security/2013/01/30/5
http://www.securityfocus.com/bid/57638
http://www.securitytracker.com/id/1028063
http://www.ubuntu.com/usn/USN-1991-1
http://www.vmware.com/security/advisories/VMSA-2014-0008.html
699399 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=699399
905874 https://bugzilla.redhat.com/show_bug.cgi?id=905874
cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*
CVE-2013-0242 https://nvd.nist.gov/vuln/detail/CVE-2013-0242
RHSA-2013:0769 https://access.redhat.com/errata/RHSA-2013:0769
RHSA-2013:1605 https://access.redhat.com/errata/RHSA-2013:1605
USN-1991-1 https://usn.ubuntu.com/1991-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2013-0242
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.83139
EPSS Score 0.00899
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.