PT-2017-17760 · Gnu+1 · Gnulib+1
Publicado
2017-05-02
·
Atualizado
2025-11-06
·
CVE-2017-7476
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Gnulib versions prior to 2017-04-26
Description
The issue is related to a heap-based buffer overflow that occurs with the TZ environment variable. The error is specifically located in the save abbr function within the time rz.c file.
Recommendations
For versions prior to 2017-04-26, update to a version released after 2017-04-26 to resolve the issue. As a temporary workaround, consider restricting the use of the TZ environment variable to minimize the risk of exploitation.
Exploit
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Gnulib