VYPR
Unrated severityNVD Advisory· Published Apr 10, 2011· Updated Jun 16, 2026

CVE-2011-1095

CVE-2011-1095

Description

locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

58
  • GNU/Glibc58 versions
    cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*+ 57 more
    • cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*range: <=2.12.2
    • cpe:2.3:a:gnu:glibc:1.00:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:1.01:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:1.02:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:1.03:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:1.04:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:1.05:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:1.06:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:1.07:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:1.08:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:1.09:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:1.09.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.10:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.10.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.10.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.11:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.11.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.11.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.11.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.12.0:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.12.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.3.10:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.3.10:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:gnu:glibc:2.9:*:*:*:*:*:*:*
    • (no CPE)range: <2.13

Patches

Vulnerability mechanics

References

20

News mentions

0

No linked articles in our index yet.