CVE-2006-1902

Name of the Vulnerable Software and Affected Versions GNU Compiler Collection (gcc) version 4.1

Description The issue is related to the fold binary function in fold-const.c, which improperly handles pointer overflow when folding a certain expression comparison to a corresponding offset comparison in cases other than EQ EXPR and NE EXPR. This might introduce buffer overflow vulnerabilities into applications that could be exploited by context-dependent attackers. The vendor states that the essence of the issue is not correctly interpreting an offset to a pointer as a signed value.

Recommendations For GNU Compiler Collection (gcc) version 4.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.