Integer Overflow Vulnerability in Tiny C Compiler by Favia Systems
CVE-2006-0635

Currently unrated

Key Information:

Vendor: Fabrice Bellard
Status: Tiny C Compiler
Vendor: CVE Published:; 10 February 2006

🔔 Create Fabrice Bellard Vulnerability Alert

What is CVE-2006-0635?

The Tiny C Compiler (TCC) version 0.9.23, developed by Favia Systems, contains a flaw in how it evaluates the expression 'i>sizeof(int)' when 'i' is assigned a value of -1. This can lead to misleading results, potentially resulting in integer overflow vulnerabilities. These vulnerabilities can be exploited by attackers in specific contexts, posing a risk to applications that use this version of the compiler.

References

http://www.securityfocus.com/archive/1/424257/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.osvdb.org/22956

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 10, 2006
Vulnerability Reserved
Feb 10, 2006

JSON