What is CVE-2010-4052?

CVE-2010-4052 is a vulnerability in Gnu Glibc, classified under CWE-399. Published 2011-01-13.

Is CVE-2010-4052 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Gnu Glibc

CVE-2010-4052

Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a…

EPSS: 0.513 (98.8th percentile) — read the EPSS interpretation.

Affected products

Gnu Glibc — versions 1.00, 1.01, 1.02
N/a — versions n/a

Weakness classification (CWE)

CWE-399

Public proof-of-concept exploits

References

42547 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
1024832 (vdb-entry, x_refsource_SECTRACK)
20110107 GNU libc/regcomp(3) Multiple Vulnerabilities (mailing-list, Exploit, x_refsource_FULLDISC)
VU#912279 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)
45233 (Exploit, vdb-entry, x_refsource_BID)
20110107 GNU libc/regcomp(3) Multiple Vulnerabilities (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (Patch, x_refsource_MISC)
15935 (exploit, x_refsource_EXPLOIT-DB)
8003 (Exploit, x_refsource_SREASON, third-party-advisory)
20110107 GNU libc/regcomp(3) Multiple Vulnerabilities (x_refsource_SREASONRES, Exploit, third-party-advisory)

Frequently asked questions

What is CVE-2010-4052?: CVE-2010-4052 is a vulnerability in Gnu Glibc, classified under CWE-399. Published 2011-01-13.
Is CVE-2010-4052 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.