CVE-2011-1095
EPSS 0.14%發布日:2011/4/10修改日:2026/4/28
描述
locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.
受影響套件(1)
- Debian/glibcfrom 0, < 2.13-16