CVE-2012-0864 in C Libraryinfo

Summary

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

01/19/2012

Disclosure

05/02/2013

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
4996	GNU C Library vfprintf numeric error	189	Proof-of-Concept	Official fix	CVE-2012-0864
4675	GNU C Library Format String Protection numeric error	189	Proof-of-Concept	Official fix	CVE-2012-0864

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸