CVE-2012-3480 - Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspe

CVE-2012-3480

Summary

Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.

References

Vulnerable Configurations

cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*
cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 13-02-2023 - 03:28)
Impact:
Exploitability:

CWE

CWE-189

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

redhat via4

advisories

bugzilla

id	847715
title	CVE-2012-3480 glibc: Integer overflows, leading to stack-based buffer overflows in strto* related routines

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005

AND
comment glibc is earlier than 0:2.5-81.el5_8.7
oval oval:com.redhat.rhsa:tst:20121207001
comment glibc is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20130022002
AND
comment glibc-common is earlier than 0:2.5-81.el5_8.7
oval oval:com.redhat.rhsa:tst:20121207003
comment glibc-common is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20130022004
AND
comment glibc-devel is earlier than 0:2.5-81.el5_8.7
oval oval:com.redhat.rhsa:tst:20121207005
comment glibc-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20130022006

AND

comment glibc-headers is earlier than 0:2.5-81.el5_8.7
oval oval:com.redhat.rhsa:tst:20121207007
comment glibc-headers is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20130022008

AND
comment glibc-utils is earlier than 0:2.5-81.el5_8.7
oval oval:com.redhat.rhsa:tst:20121207009
comment glibc-utils is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20130022010
AND
comment nscd is earlier than 0:2.5-81.el5_8.7
oval oval:com.redhat.rhsa:tst:20121207011
comment nscd is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20130022012

rhsa

id	RHSA-2012:1207
released	2012-08-27
severity	Moderate
title	RHSA-2012:1207: glibc security and bug fix update (Moderate)

bugzilla

id	847715
title	CVE-2012-3480 glibc: Integer overflows, leading to stack-based buffer overflows in strto* related routines

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 6 is installed
oval oval:com.redhat.rhba:tst:20111656003

AND
comment glibc is earlier than 0:2.12-1.80.el6_3.5
oval oval:com.redhat.rhsa:tst:20121208001
comment glibc is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20120763002

AND

comment glibc-common is earlier than 0:2.12-1.80.el6_3.5
oval oval:com.redhat.rhsa:tst:20121208003
comment glibc-common is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20120763004

AND

comment glibc-devel is earlier than 0:2.12-1.80.el6_3.5
oval oval:com.redhat.rhsa:tst:20121208005
comment glibc-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20120763006

AND

comment glibc-headers is earlier than 0:2.12-1.80.el6_3.5
oval oval:com.redhat.rhsa:tst:20121208007
comment glibc-headers is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20120763008

AND

comment glibc-static is earlier than 0:2.12-1.80.el6_3.5
oval oval:com.redhat.rhsa:tst:20121208009
comment glibc-static is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20120763010

AND

comment glibc-utils is earlier than 0:2.12-1.80.el6_3.5
oval oval:com.redhat.rhsa:tst:20121208011
comment glibc-utils is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20120763012

AND
comment nscd is earlier than 0:2.12-1.80.el6_3.5
oval oval:com.redhat.rhsa:tst:20121208013
comment nscd is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20120763014

rhsa

id	RHSA-2012:1208
released	2012-08-27
severity	Moderate
title	RHSA-2012:1208: glibc security update (Moderate)

rhsa
id RHSA-2012:1262
rhsa
id RHSA-2012:1325

rpms

glibc-0:2.5-81.el5_8.7
glibc-common-0:2.5-81.el5_8.7
glibc-debuginfo-0:2.5-81.el5_8.7
glibc-debuginfo-common-0:2.5-81.el5_8.7
glibc-devel-0:2.5-81.el5_8.7
glibc-headers-0:2.5-81.el5_8.7
glibc-utils-0:2.5-81.el5_8.7
nscd-0:2.5-81.el5_8.7
glibc-0:2.12-1.80.el6_3.5
glibc-common-0:2.12-1.80.el6_3.5
glibc-debuginfo-0:2.12-1.80.el6_3.5
glibc-debuginfo-common-0:2.12-1.80.el6_3.5
glibc-devel-0:2.12-1.80.el6_3.5
glibc-headers-0:2.12-1.80.el6_3.5
glibc-static-0:2.12-1.80.el6_3.5
glibc-utils-0:2.12-1.80.el6_3.5
nscd-0:2.12-1.80.el6_3.5
rhev-hypervisor6-0:6.3-20120926.0.el6_3

refmap via4

bid	54982
fedora	FEDORA-2012-11927
gentoo	GLSA-201503-04
misc	http://sourceware.org/bugzilla/show_bug.cgi?id=14459
mlist	[libc-alpha] 20120812 Fix strtod integer/buffer overflow (bug 14459) [oss-security] 20120813 CVE Request -- glibc: Integer overflows, leading to stack-based buffer overflows in strto* related routines [oss-security] 20120813 Re: CVE Request -- glibc: Integer overflows, leading to stack-based buffer overflows in strto* related routines
osvdb	84710
sectrack	1027374
secunia	50201 50422
ubuntu	USN-1589-1

Last major update

13-02-2023 - 03:28

Published

25-08-2012 - 10:29

Last modified

13-02-2023 - 03:28