GNU : Security Vulnerabilities, CVEs, Published In 2012 (Code Execution)
Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SWF file, which triggers a heap-based buffer overflow.
Max CVSS
6.8
EPSS Score
3.42%
Published
2012-08-26
Updated
2012-08-27
The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors.
Max CVSS
4.4
EPSS Score
0.04%
Published
2012-08-07
Updated
2023-02-13
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
Max CVSS
4.6
EPSS Score
0.04%
Published
2012-08-25
Updated
2023-02-13
3 vulnerabilities found