oval:org.mitre.oval:def:21252
Definition Id: oval:org.mitre.oval:def:21252 | |||
Oval ID: | oval:org.mitre.oval:def:21252 | ||
Title: | RHSA-2012:1098: glibc security and bug fix update (Moderate) | ||
Description: | The vfprintf function in stdio-common/vfprintf.c in GNU C Library (aka glibc) 2.5, 2.12, and probably other versions does not "properly restrict the use of" the alloca function when allocating the SPECS array, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (crash) or possibly execute arbitrary code via a crafted format string using positional parameters and a large number of format specifiers, a different vulnerability than CVE-2012-3404 and CVE-2012-3405. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1098-01 CESA-2012:1098 CVE-2012-3404 CVE-2012-3405 CVE-2012-3406 | Version: | 28 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:20273 | |||
Oval ID: | oval:org.mitre.oval:def:20273 | ||
Title: | The operating system installed on the system is Red Hat Enterprise Linux 6 | ||
Description: | The operating system installed on the system is Red Hat Enterprise Linux 6. | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:redhat:enterprise_linux:6 | Version: | 6 |
Platform(s): | Red Hat Enterprise Linux 6 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:21252 |
Definition Id: oval:org.mitre.oval:def:16337 | |||
Oval ID: | oval:org.mitre.oval:def:16337 | ||
Title: | The operating system installed on the system is CentOS Linux 6.x | ||
Description: | The operating system installed on the system is CentOS Linux 6.x | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:centos:centos:6 | Version: | 5 |
Platform(s): | CentOS Linux 6 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:21252 |