Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments.
References
Configurations
History
13 Feb 2023, 03:28
Type | Values Removed | Values Added |
---|---|---|
Summary | Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. | |
References |
|
02 Feb 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2012-0864 glibc: FORTIFY_SOURCE format string protection bypass via "nargs" integer overflow | |
References |
|
|
Information
Published : 2013-05-02 14:55
Updated : 2023-12-10 11:16
NVD link : CVE-2012-0864
Mitre link : CVE-2012-0864
CVE.ORG link : CVE-2012-0864
JSON object : View
Products Affected
gnu
- glibc
CWE
CWE-189
Numeric Errors