{
  "threat_severity" : "Low",
  "public_date" : "2013-01-29T00:00:00Z",
  "bugzilla" : {
    "description" : "glibc: Buffer overrun (DoS) in regexp matcher by processing multibyte characters",
    "id" : "905874",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=905874"
  },
  "cvss" : {
    "cvss_base_score" : "4.3",
    "cvss_scoring_vector" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
    "status" : "verified"
  },
  "details" : [ "Buffer overflow in the extend_buffers function in the regular expression matcher (posix/regexec.c) in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via crafted multibyte characters.", "A flaw was found in the regular expression matching routines that process multibyte character input. If an application utilized the glibc regular expression matching mechanism, an attacker could provide specially-crafted input that, when processed, would cause the application to crash." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2013-04-24T00:00:00Z",
    "advisory" : "RHSA-2013:0769",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "glibc-0:2.5-107.el5_9.4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2013-11-20T00:00:00Z",
    "advisory" : "RHSA-2013:1605",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "glibc-0:2.12-1.132.el6"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2013-0242\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-0242" ],
  "name" : "CVE-2013-0242",
  "csaw" : false
}