Title: GNU C Library (glibc) Multiple Function Input String Parsing Integer Overflows
Aug 12, 2012
Dec 25, 2012
GNU C Library (glibc) is prone to an overflow condition. This issue is triggered by integer overflows in the strtod(), strtof(), strtold(), and strtod_l() functions when parsing input strings, which will result in a buffer overflow. With a specially crafted overly long string, a remote attacker can potentially execute arbitrary code.
Remote / Network Access
Loss of Integrity
It has been reported that this issue has been fixed. Upgrade to version 2.17, or higher, to address this vulnerability.