CVE-2017-1000409

Source
https://cve.org/CVERecord?id=CVE-2017-1000409
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000409.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-1000409
Downstream
Related
Published
2018-02-01T04:29:00.310Z
Modified
2026-07-08T12:53:41.969678Z
Severity
  • 7.0 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A buffer overflow in glibc 2.5 (released on September 29, 2006) and can be triggered through the LDLIBRARYPATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366.

References

Affected packages

Git / github.com/bminor/glibc

Affected ranges

Type
GIT
Repo
https://github.com/bminor/glibc
Events
Database specific
{
    "source": "CPE_STRING",
    "cpe": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "2.5"
        },
        {
            "last_affected": "2.5"
        }
    ]
}

Affected versions

2.*
2.5
Other
cvs/fedora-glibc-20060929T2037
cvs/glibc-2_5
glibc-2.*
glibc-2.5

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000409.json"

Git / sourceware.org/git/glibc.git

Affected ranges

Type
GIT
Repo
https://sourceware.org/git/glibc.git
Events
Introduced
88cc61e84e8e75e6e91b1a2e51147aeb63712ff8
Last affected
88cc61e84e8e75e6e91b1a2e51147aeb63712ff8
Database specific
{
    "source": "CPE_STRING",
    "cpe": "cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "2.5"
        },
        {
            "last_affected": "2.5"
        }
    ]
}

Affected versions

2.*
2.5
Other
cvs/fedora-glibc-20060929T2037
cvs/glibc-2_5
glibc-2.*
glibc-2.5

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000409.json"