CVE-2009-5029

EPSS 2.8%

Published: 5/2/2013Modified: 4/28/2026

Also known as:DEBIAN-CVE-2009-5029

Description

Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.

Affected packages (1)

Debian/glibcfrom 0, < 2.13-24

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-5029