{ "name": "CVE-2016-3706", "CVE": [ [ "CVE-2016-3706", "Bulletin-CVE-2016-3706" ] ], "Coordinated_disclosure": "unknown", "Categories": [ "Qualcomm components" ], "Details": [ [ "Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458.", "NIST-CVE-2016-3706" ] ], "Discovered_on": [], "Discovered_by": [], "Submission": [ { "by": "dcc52", "on": "2019-07-26" } ], "Reported_on": [ [ "2017-12-01", "Bulletin-CVE-2016-3706" ] ], "Fixed_on": [ [ "2016-09-09", "QC-CR#1058691" ] ], "Fix_released_on": [ [ "2017-12-05", "Bulletin-CVE-2016-3706" ] ], "Affected_versions": [], "Affected_devices": [], "Affected_versions_regexp": [ "" ], "Affected_manufacturers": [ [ "Qualcomm", "Bulletin-CVE-2016-3706" ] ], "Fixed_versions": [], "Fixed_versions_regexp": [ "" ], "references": { "QC-CR#1058691": { "url": "https://source.codeaurora.org/quic/le/oe/recipes/commit/?h=LNX.LE.5.3&id=6cfcc1c582a565f5360f7a3977f4a8f42d5245cd" }, "2": { "url": "https://source.codeaurora.org/quic/le/oe/recipes/commit/?h=LNX.LE.5.3&id=0f70f82655ceac279f9f0c76d7995294189096f9" }, "A-34499281": {}, "NIST-CVE-2016-3706": { "url": "https://nvd.nist.gov/vuln/data-feeds" }, "Bulletin-CVE-2016-3706": { "url": "https://source.android.com/security/bulletin/2017-12-01.html" } }, "Surface": [ "remote" ], "Vector": [ "insufficient-standards-verification" ], "Target": [ "system-component" ], "Channel": [ "remote" ], "Condition": [ "user-visits-webpage" ], "Privilege": [ "denial-of-service" ], "CWE": [ [ "CWE-20", "NIST-CVE-2016-3706" ] ] }