Search for vulnerabilities
Vulnerability details: VCID-mmg2-fxha-tugq
Vulnerability ID VCID-mmg2-fxha-tugq
Aliases CVE-2015-0235
Summary
Status Published
Exploitability 2.0
Weighted Severity 0.8
Risk 1.6
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-131 Incorrect Calculation of Buffer Size
CWE-122 Heap-based Buffer Overflow
System Score Found at
epss 0.85843 https://api.first.org/data/v1/epss?cve=CVE-2015-0235
epss 0.85843 https://api.first.org/data/v1/epss?cve=CVE-2015-0235
epss 0.85843 https://api.first.org/data/v1/epss?cve=CVE-2015-0235
epss 0.85843 https://api.first.org/data/v1/epss?cve=CVE-2015-0235
epss 0.85843 https://api.first.org/data/v1/epss?cve=CVE-2015-0235
epss 0.86032 https://api.first.org/data/v1/epss?cve=CVE-2015-0235
epss 0.86032 https://api.first.org/data/v1/epss?cve=CVE-2015-0235
epss 0.8763 https://api.first.org/data/v1/epss?cve=CVE-2015-0235
epss 0.8763 https://api.first.org/data/v1/epss?cve=CVE-2015-0235
epss 0.8763 https://api.first.org/data/v1/epss?cve=CVE-2015-0235
epss 0.8763 https://api.first.org/data/v1/epss?cve=CVE-2015-0235
epss 0.88421 https://api.first.org/data/v1/epss?cve=CVE-2015-0235
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0235.json
https://api.first.org/data/v1/epss?cve=CVE-2015-0235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6656
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7817
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235
1183461 https://bugzilla.redhat.com/show_bug.cgi?id=1183461
776391 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776391
CVE-2015-0235;OSVDB-117579 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35951.py
CVE-2015-0235;OSVDB-117579 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/36421.rb
CVE-2015-0235;OSVDB-117579 Exploit https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt
RHSA-2015:0090 https://access.redhat.com/errata/RHSA-2015:0090
RHSA-2015:0092 https://access.redhat.com/errata/RHSA-2015:0092
RHSA-2015:0099 https://access.redhat.com/errata/RHSA-2015:0099
RHSA-2015:0101 https://access.redhat.com/errata/RHSA-2015:0101
RHSA-2015:0126 https://access.redhat.com/errata/RHSA-2015:0126
USN-2485-1 https://usn.ubuntu.com/2485-1/
Data source Exploit-DB
Date added March 18, 2015
Description Exim - 'GHOST' glibc gethostbyname Buffer Overflow (Metasploit)
Ransomware campaign use Known
Source publication date March 18, 2015
Exploit type remote
Platform linux
Source update date Jan. 22, 2018
Source URL https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt
Data source Metasploit
Description This module remotely exploits CVE-2015-0235, aka GHOST, a heap-based buffer overflow in the GNU C Library's gethostbyname functions on x86 and x86_64 GNU/Linux systems that run the Exim mail server.
Note 
AKA:
  - ghost
Stability:
  - unknown-stability
Reliability:
  - unknown-reliability
SideEffects:
  - unknown-side-effects
Ransomware campaign use Unknown
Source publication date Jan. 27, 2015
Platform Unix
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/linux/smtp/exim_gethostbyname_bof.rb
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.99337
EPSS Score 0.85843
Published At Aug. 17, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:41:57.034372+00:00 Ubuntu USN Importer Import https://usn.ubuntu.com/2485-1/ 37.0.0