|
|
CVE Reference: CVE-2007-3508 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3508 |
|
|
Description: ** DISPUTED ** Integer overflow in the process_envvars function in elf/rtld.c in glibc before 2.5-rc4 might allow local users to execute arbitrary code via a large LD_HWCAP_MASK environment variable value. NOTE: the glibc maintainers state that they do not believe that this issue is exploitable for code execution. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/35240 ST 1018334 SAID Secunia Advisory: SA25864 MLIST http://www.sourceware.org/ml/libc-hacker/2007-07/msg00001.html MISC http://sources.gentoo.org/viewcvs.py/gentoo/src/patchsets/glibc/2.5/1600_all_glibc-hwcap-mask-secure.patch?rev=1.1&view=markup GENTOO http://security.gentoo.org/glsa/glsa-200707-04.xml CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=183844 BID 24758 |
|
| Return to the previous page. |
