Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2017-1000366

glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.

  • Published: Jun 19, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-1000366
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.8
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.2
  • AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
redhat / enterprise_linux_desktop 7.0 7.0.x
redhat / enterprise_linux 5 5.x
redhat / enterprise_linux_server_aus 7.2 7.2.x
redhat / enterprise_linux_workstation 7.0 7.0.x
redhat / enterprise_linux_server_aus 6.2 6.2.x
redhat / enterprise_linux 7.0 7.0.x
redhat / enterprise_linux_server_eus 6.5 6.5.x
redhat / enterprise_linux_server_tus 7.2 7.2.x
redhat / enterprise_linux 6.0 6.0.x
redhat / enterprise_linux_server 7.0 7.0.x
redhat / enterprise_linux_server_aus 6.6 6.6.x
redhat / enterprise_linux_server_eus 7.2 7.2.x
redhat / enterprise_linux_server_aus 6.5 6.5.x
redhat / enterprise_linux_server 6.6 6.6.x
redhat / enterprise_linux_server_tus 6.5 6.5.x
redhat / enterprise_linux_server_long_life 5.9 5.9.x
redhat / enterprise_linux_server_aus 6.4 6.4.x
redhat / enterprise_linux_desktop 6.0 6.0.x
redhat / enterprise_linux_server_eus 6.2 6.2.x
redhat / enterprise_linux_server 6.0 6.0.x
redhat / enterprise_linux_workstation 6.0 6.0.x
redhat / enterprise_linux_server_tus 7.3 7.3.x
redhat / enterprise_linux_server_aus 7.3 7.3.x
redhat / enterprise_linux_server_aus 7.4 7.4.x
redhat / enterprise_linux_server_eus 7.3 7.3.x
redhat / enterprise_linux_server_eus 7.4 7.4.x
redhat / enterprise_linux_server_eus 7.5 7.5.x
redhat / enterprise_linux_server_aus 5.9 5.9.x
redhat / enterprise_linux_server_eus 6.7 6.7.x
redhat / enterprise_linux_server_tus 7.6 7.6.x
redhat / enterprise_linux_server_eus 7.6 7.6.x
redhat / enterprise_linux_server_aus 7.6 7.6.x
redhat / enterprise_linux_server_tus 6.6 6.6.x
suse / linux_enterprise_server 11-sp4 11-sp4.x
suse / linux_enterprise_software_development_kit 12.0-sp2 12.0-sp2.x
novell / suse_linux_enterprise_desktop 12.0-sp2 12.0-sp2.x
novell / suse_linux_enterprise_point_of_sale 11.0-sp3 11.0-sp3.x
suse / linux_enterprise_software_development_kit 11.0-sp4 11.0-sp4.x
suse / linux_enterprise_server 12-sp2 12-sp2.x
suse / linux_enterprise_for_sap 12-sp1 12-sp1.x
novell / suse_linux_enterprise_server 11.0-sp3 11.0-sp3.x
suse / linux_enterprise_server_for_raspberry_pi 12-sp2 12-sp2.x
openstack / cloud_magnum_orchestration 7 7.x
suse / linux_enterprise_server 12-sp1 12-sp1.x
suse / linux_enterprise_server 10-sp4 10-sp4.x
opensuse / leap 42.2 42.2.x
gnu / glibc - 2.25.x
debian / debian_linux 8.0 8.0.x
debian / debian_linux 9.0 9.0.x
mcafee / web_gateway - 7.6.2.14.x
mcafee / web_gateway 7.7.0.0 7.7.2.2.x