CVE-2019-9169 - In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a h

CVE-2019-9169

Summary

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.

References

Vulnerable Configurations

cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:x64:*
cpe:2.3:a:gnu:glibc:-:*:*:*:*:*:x64:*
cpe:2.3:a:gnu:glibc:0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.06.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.07.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.14:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.08.14:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:1.09.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.12.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.14:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.14.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.15:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.17:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.18:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.19:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.19:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.20:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.21:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.22:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.23:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.23:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.23:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.23:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.24:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.24:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.25:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.25:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.26:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.27:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.27:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.27:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.27:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.28:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.28:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.28:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.28:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.29:*:*:*:*:*:x86:*
cpe:2.3:a:gnu:glibc:2.29:*:*:*:*:*:x86:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_backup:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_backup:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:8.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:8.0.3:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:8.1:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:8.1:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:8.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:8.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.2:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.2:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.3:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.3:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.4:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.4:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.5:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.5:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.6:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.6:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.7:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.8.2.7:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.0:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.2:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.2:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.3:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.3:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.4:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.4:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.5:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.5:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.6:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.6:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.7:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.7:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.8:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.8:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.9:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.9:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.10:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.10:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.11:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.11:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.12:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.12:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.13:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.13:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.14:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.14:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.15:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.15:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.16:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.16:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.17:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.17:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.18:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.18:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.19:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.19:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.20:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:web_gateway:7.7.2.20:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

CVSS

Base:	7.5 (as of 13-06-2022 - 18:59)
Impact:
Exploitability:

CWE

CWE-125

CAPEC

Infiltration of Hardware Development Environment
An attacker, leveraging the ability to manipulate components of primary support systems and tools within the development and production environments, inserts malicious software within the hardware and/or firmware development environment. The infiltration purpose is to alter developed hardware components in a system destined for deployment at the victim's organization, for the purpose of disruption or further compromise.
Overread Buffers
An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	107160
confirm	https://kc.mcafee.com/corporate/index?page=content&id=SB10278 https://security.netapp.com/advisory/ntap-20190315-0002/ https://support.f5.com/csp/article/K54823184
gentoo	GLSA-202006-04
misc	https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140 https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142 https://sourceware.org/bugzilla/show_bug.cgi?id=24114 https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=583dd860d5b833037175247230a328f0050dbfe9
ubuntu	USN-4416-1

Last major update

13-06-2022 - 18:59

Published

26-02-2019 - 02:29

Last modified

13-06-2022 - 18:59