CVE-2012-3404
Published Feb 10, 2014
Last updated 6 years ago
Overview
- Description
- The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-189
Social media
- Hype score
- Not currently trending
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:gnu:glibc:2.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18F57529-10DF-447A-8C53-DD4B1C2AA21E" }, { "criteria": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "105130E9-D48E-4FB8-A715-E6438EC7E744" }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:-:lts:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6DFE2D3-46E2-4D0C-8508-30307D654560" }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F" }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C" }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38" }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69" }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC" } ], "operator": "OR" } ] } ]