Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
CVE Kennung: | CVE-2012-3405 |
Beschreibung: | The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.14 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (segmentation fault and crash) via a format string with a large number of format specifiers that triggers "desynchronization within the buffer size handling," a different vulnerability than CVE-2012-3404. |
Test Kennungen: | 1.3.6.1.4.1.25623.1.0.703169 1.3.6.1.4.1.25623.1.1.4.2013.1251.1 1.3.6.1.4.1.25623.1.1.4.2012.1666.1 |
Querverweise: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-3405 https://security.gentoo.org/glsa/201503-04 http://www.openwall.com/lists/oss-security/2012/07/11/17 RedHat Security Advisories: RHSA-2012:1098 http://rhn.redhat.com/errata/RHSA-2012-1098.html RedHat Security Advisories: RHSA-2012:1200 http://rhn.redhat.com/errata/RHSA-2012-1200.html http://www.ubuntu.com/usn/USN-1589-1 |