CVE-2009-5029

描述

Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.

受影響套件(1)

• Debian/glibcfrom 0, < 2.13-24

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-5029