Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2015-7547

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.

  • Published: Feb 18, 2016
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-7547
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 8.1
  • AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
debian / debian_linux 8.0 8.0.x
canonical / ubuntu_linux 12.04 12.04.x
canonical / ubuntu_linux 15.10 15.10.x
canonical / ubuntu_linux 14.04 14.04.x
hp / server_migration_pack 7.5 7.5.x
hp / helion_openstack 1.1.1 1.1.1.x
hp / helion_openstack 2.1.0 2.1.0.x
hp / helion_openstack 2.0.0 2.0.0.x
sophos / unified_threat_management_software 9.319 9.319.x
sophos / unified_threat_management_software 9.355 9.355.x
suse / linux_enterprise_server 11.0-sp4 11.0-sp4.x
suse / linux_enterprise_debuginfo 11.0-sp2 11.0-sp2.x
suse / linux_enterprise_software_development_kit 11.0-sp4 11.0-sp4.x
suse / linux_enterprise_server 11.0-sp3 11.0-sp3.x
suse / linux_enterprise_software_development_kit 12-sp1 12-sp1.x
suse / linux_enterprise_desktop 11.0-sp3 11.0-sp3.x
suse / linux_enterprise_software_development_kit 12 12.x
suse / linux_enterprise_server 11.0-sp2 11.0-sp2.x
suse / linux_enterprise_server 12-sp1 12-sp1.x
suse / linux_enterprise_debuginfo 11.0-sp4 11.0-sp4.x
suse / linux_enterprise_desktop 11.0-sp4 11.0-sp4.x
suse / linux_enterprise_software_development_kit 11.0-sp3 11.0-sp3.x
suse / linux_enterprise_desktop 12 12.x
suse / linux_enterprise_debuginfo 11.0-sp3 11.0-sp3.x
suse / linux_enterprise_desktop 12-sp1 12-sp1.x
opensuse / opensuse 13.2 13.2.x
suse / suse_linux_enterprise_server 12 12.x
oracle / exalogic_infrastructure 1.0 1.0.x
oracle / exalogic_infrastructure 2.0 2.0.x
f5 / big-ip_local_traffic_manager 12.0.0 12.0.0.x
f5 / big-ip_policy_enforcement_manager 12.0.0 12.0.0.x
f5 / big-ip_application_acceleration_manager 12.0.0 12.0.0.x
f5 / big-ip_access_policy_manager 12.0.0 12.0.0.x
f5 / big-ip_analytics 12.0.0 12.0.0.x
f5 / big-ip_advanced_firewall_manager 12.0.0 12.0.0.x
f5 / big-ip_domain_name_system 12.0.0 12.0.0.x
f5 / big-ip_application_security_manager 12.0.0 12.0.0.x
f5 / big-ip_link_controller 12.0.0 12.0.0.x
oracle / fujitsu_m10_firmware - 2290.x
redhat / enterprise_linux_desktop 7.0 7.0.x
redhat / enterprise_linux_server_aus 7.2 7.2.x
redhat / enterprise_linux_workstation 7.0 7.0.x
redhat / enterprise_linux_server 7.0 7.0.x
redhat / enterprise_linux_hpc_node 7.0 7.0.x
redhat / enterprise_linux_server_eus 7.2 7.2.x
redhat / enterprise_linux_hpc_node_eus 7.2 7.2.x
gnu / glibc 2.9 2.9.x
gnu / glibc 2.11 2.11.x
gnu / glibc 2.10.1 2.10.1.x
gnu / glibc 2.17 2.17.x
gnu / glibc 2.14 2.14.x
gnu / glibc 2.22 2.22.x
gnu / glibc 2.20 2.20.x
gnu / glibc 2.13 2.13.x
gnu / glibc 2.12.1 2.12.1.x
gnu / glibc 2.19 2.19.x
gnu / glibc 2.10 2.10.x
gnu / glibc 2.14.1 2.14.1.x
gnu / glibc 2.11.2 2.11.2.x
gnu / glibc 2.16 2.16.x
gnu / glibc 2.18 2.18.x
gnu / glibc 2.11.3 2.11.3.x
gnu / glibc 2.11.1 2.11.1.x
gnu / glibc 2.21 2.21.x
gnu / glibc 2.15 2.15.x
gnu / glibc 2.12 2.12.x
gnu / glibc 2.12.2 2.12.2.x