Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2020-1752
Description:A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.
Test IDs: 1.3.6.1.4.1.25623.1.0.877643   1.3.6.1.4.1.25623.1.0.853099   1.3.6.1.4.1.25623.1.1.2.2020.2131   1.3.6.1.4.1.25623.1.1.2.2020.1712   1.3.6.1.4.1.25623.1.1.2.2020.1599   1.3.6.1.4.1.25623.1.1.4.2020.0820.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2020-1752
https://security.gentoo.org/glsa/202101-20
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://usn.ubuntu.com/4416-1/




© 1998-2021 E-Soft Inc. All rights reserved.