PT-2012-4175 · Hoard · Hoard
Xi Wang
·
Published
2012-07-25
·
Updated
2012-07-30
·
CVE-2012-2676
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Hoard versions prior to 3.9
Description
The issue is related to multiple integer overflows in the
malloc and calloc functions, which can be exploited by context-dependent attackers to perform memory-related attacks, such as buffer overflows, by providing a large size value. This causes less memory to be allocated than expected, potentially leading to security issues in implementing code.Recommendations
For versions prior to 3.9, update to version 3.9 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hoard