VYPR
Unrated severityNVD Advisory· Published May 2, 2013· Updated Jun 16, 2026

CVE-2009-5029

CVE-2009-5029

Description

Integer overflow in the __tzfile_read function in glibc before 2.15 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted timezone (TZ) file, as demonstrated using vsftpd.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

17
  • GNU/Glibc15 versions
    cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*+ 14 more
    • cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*range: <=2.14
    • cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.13:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*
  • glibc/glibcllm-fuzzy
    Range: <2.15

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.