Computer Security

GNU C integer overflow
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



GNU C integer overflow
Published:04.07.2007
Source:BUGTRAQ
SecurityVulns ID:7887
Type:local
Level:8/10
Description:Integer overflow in ld.so dynamic loader.
CVE:CVE-2007-3508 (** DISPUTED ** Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution.)
Original documentdocumentGENTOO, [ GLSA 200707-04 ] GNU C Library: Integer overflow (04.07.2007)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru