GNU C Vulnerabilities: CVE-2015-8983; CVE-2015-8984; CVE-2015-8985

Article ID: 14254


Products

Spectrum

Issue/Introduction

CVE-2015-8983
Severity: 8.1 (High)
Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow.


CVE-2015-8984
Severity: 5.9 (Medium)
The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read.


CVE-2015-8985
Severity: 5.9 (Medium)
The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to extended regular expression processing.
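
The size computation problem described for CVE-2015-8983, as an added C illustration that is not glibc's code or part of the original article: a wide-character count multiplied by sizeof(wchar_t) without a bounds check wraps around, and the checked variant rejects it. The helper names and the 2*old_len + 100 growth policy are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <wchar.h>

/* Unchecked conversion from a wide-character count to a byte count.
   The product wraps when count > SIZE_MAX / sizeof(wchar_t), so the
   result can be far smaller than the data the caller intends to store. */
size_t wide_bytes_unchecked(size_t count)
{
    return count * sizeof(wchar_t);
}

/* Checked conversion: returns 0 and stores the byte count, or -1 on overflow. */
int wide_bytes_checked(size_t count, size_t *bytes)
{
    if (count > SIZE_MAX / sizeof(wchar_t))
        return -1;
    *bytes = count * sizeof(wchar_t);
    return 0;
}

/* Hypothetical growth helper (the 2*old_len + 100 policy is an assumption
   for this example). Returns the new buffer, or NULL leaving `old` untouched. */
wchar_t *grow_wide_buffer(wchar_t *old, size_t old_len, size_t *new_len)
{
    size_t want, bytes;
    wchar_t *p;

    if (old_len > (SIZE_MAX - 100) / 2)          /* element count would wrap */
        return NULL;
    want = 2 * old_len + 100;
    if (wide_bytes_checked(want, &bytes) != 0)   /* byte size would wrap */
        return NULL;
    if ((p = realloc(old, bytes)) == NULL)
        return NULL;
    wmemset(p + old_len, L'\0', want - old_len); /* zero the new tail */
    *new_len = want;
    return p;
}

int main(void)
{
    size_t big = SIZE_MAX / sizeof(wchar_t) + 1, bytes = 0;
    printf("unchecked(%zu) = %zu bytes\n", big, wide_bytes_unchecked(big));
    printf("checked(%zu) -> %d\n", big, wide_bytes_checked(big, &bytes));
    return 0;
}
```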



Is Spectrum affected by the GNU C vulnerabilities CVE-2015-8983, CVE-2015-8984, and CVE-2015-8985?

Environment

Spectrum installed on supported Windows systems

Resolution

Spectrum uses the Visual C++ compiler for Windows instead of the GNU C libraries. Therefore, Spectrum is not affected.