CVE-2015-0235

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2015-0235

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2015-0235.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2015-0235

Downstream

DEBIAN-CVE-2015-0235

DLA-139-1

DSA-3142-1

RHSA-2015:0090

RHSA-2015:0092

RHSA-2015:0099

RHSA-2015:0101

RHSA-2015:0126

SUSE-RU-2015:0794-1

SUSE-SU-2015:0253-1

SUSE-SU-2015:0439-1

SUSE-SU-2015:0551-1

UBUNTU-CVE-2015-0235

openSUSE-SU-2024:10290-1

openSUSE-SU-2024:10344-1

openSUSE-SU-2024:11169-1

Related

Withdrawn

2026-01-27T04:13:41.905605Z

Published

2015-01-28T19:59:00Z

Modified

2026-01-27T04:13:41.905605Z

Summary

[none]

Details

Heap-based buffer overflow in the _nsshostnamedigitsdots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."

References

Affected packages