Computer Security
[EN] securityvulns.ru no-pyccku


GNU C integer overflow
Published:04.07.2007
Source:
SecurityVulns ID:7887
Type:local
Threat Level:
8/10
Description:Integer overflow in ld.so dynamic loader.
CVE:CVE-2007-3508 (** DISPUTED ** Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution.)
Original documentdocumentGENTOO, [ GLSA 200707-04 ] GNU C Library: Integer overflow (04.07.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod