CVE-2015-1572
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2015-1572
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as dirty. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-0247.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
e2fsprogs libext2fs库基于堆的缓冲区溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
e2fsprogs(又名e2fs programs)是美国软件开发者曹子德(Theodore Y. Ts'o)所研发的一套用以维护ext2、ext3和ext4文件系统(是大多数Linux发行版默认的文件系统)的工具程序集。 e2fsprogs 1.42.11及之前版本的libext2fs库中的openfs.c文件存在基于堆的缓冲区溢出漏洞。本地攻击者可通过将特制的块组描述符标记为‘dirty’利用该漏洞执行任意代码。(注:该漏洞源于CNNVD-201502-189补丁的不完全修复)
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2015-1572
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2015-1572
请登录查看更多情报信息。
Vendor Advisories for CVE-2015-1572 (6)
- http://advisories.mageia.org/MGASA-2015-0088.htmlx_refsource_CONFIRM
Mailing List Discussions for CVE-2015-1572 (5)
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150805.htmlvendor-advisoryx_refsource_FEDORA
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/150606.htmlvendor-advisoryx_refsource_FEDORA
Same Patch Batch · n/a · 2015-02-24 · 22 CVEs total
| CVE-2015-2069 | WordPress WooCommerce插件跨站脚本漏洞 | |
| CVE-2015-0240 | Samba 代码问题漏洞 | |
| CVE-2015-1881 | OpenStack Image Registry and Delivery Service 资源管理错误漏洞 | |
| CVE-2015-1605 | Dell ScriptLogic Asset Manager SQL注入漏洞 | |
| CVE-2015-0555 | Samsung iPOLiS Device Manager 缓冲区溢出漏洞 | |
| CVE-2014-9684 | OpenStack Image Registry and Delivery Service 资源管理错误漏洞 | |
| CVE-2014-9402 | GNU C Library 资源管理错误漏洞 | |
| CVE-2014-8487 | Kony Management 信息泄露漏洞 | |
| CVE-2013-7423 | GNU C Library 代码注入漏洞 | |
| CVE-2015-2071 | ETouch Systems SamePage Enterprise Edition 目录遍历漏洞 | |
| CVE-2015-2070 | ETouch Systems SamePage Enterprise Edition SQL注入漏洞 | |
| CVE-2015-2077 | Komodia SDK for Komodia Redirector with SSL Digestor 信息泄露漏洞 | |
| CVE-2015-2068 | Magento Server MAGMI插件跨站脚本漏洞 | |
| CVE-2015-2067 | Magento Server MAGMI插件目录遍历漏洞 | |
| CVE-2015-2066 | DLGuard SQL注入漏洞 | |
| CVE-2015-2065 | WordPress Apptha WordPress Video Gallery插件SQL注入漏洞 | |
| CVE-2015-2064 | DLGuard 跨站脚本漏洞 | |
| CVE-2014-9282 | Android Speed Root Explorer和Android Speed Explorer应用程序目录遍历漏洞 | |
| CVE-2014-6115 | IBM Rational Insight 信息泄露漏洞 | |
| CVE-2014-4818 | IBM Tivoli Storage Manager dsmtca程序信息泄露漏洞 |
Showing top 20 of 22 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
V. Comments for CVE-2015-1572
No comments yet