CVE-2008-1391

EPSS 19.1%

glibc - several vulnerabilities

發布日:2008/3/27修改日:2026/4/28

描述

Multiple integer overflows in libc in NetBSD 4.x, FreeBSD 6.x and 7.x, and probably other BSD and Apple Mac OS platforms allow context-dependent attackers to execute arbitrary code via large values of certain integer fields in the format argument to (1) the strfmon function in lib/libc/stdlib/strfmon.c, related to the GET_NUMBER macro; and (2) the printf function, related to left_prec and right_prec.

受影響套件(2)

Debian/glibcfrom 0, < 2.11-1
Debian/glibcfrom 0, < 2.7-18lenny4

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-1391