Launchpad CVE tracker

CVE 2012-0864

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments.

Related bugs and status

CVE-2012-0864 (Candidate) is related to these bugs:

Bug #901716: Permanent CPU Hog During TCP Flood on Portmap and RPC.STATD

Summary				In	Importance	Status
	901716	Permanent CPU Hog During TCP Flood on Portmap and RPC.STATD		eglibc (Ubuntu)	Undecided	Fix Released

Bug #953171: Please fix CVE-2012-0864 in precise

Summary				In	Importance	Status
	953171	Please fix CVE-2012-0864 in precise		eglibc (Ubuntu)	High	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.phrack.org/...
MISC: http://www.securityfoc...
MISC: https://bugzilla.redha...
MISC: http://rhn.redhat.com/...
MISC: http://rhn.redhat.com/...
MISC: http://rhn.redhat.com/...
MISC: http://rhn.redhat.com/...
MISC: http://sourceware.org/...
MISC: http://sourceware.org/...

Launchpad.net

CVE 2012-0864

Related bugs and status

Related bugs

References