Integer Overflow Vulnerability in GNU Grep by GNU
CVE-2012-5667

Currently unrated

Key Information:

Vendor: Gnu
Status: Grep
Vendor: CVE Published:; 3 January 2013

Summary

Multiple integer overflow vulnerabilities in GNU Grep versions prior to 2.11 pose a serious threat as they can potentially allow context-dependent attackers to execute arbitrary code. The issue arises when unusually long input lines are processed, resulting in heap-based buffer overflows that can be exploited under specific conditions. This flaw underscores the need for users to secure their systems by updating to the latest versions and following best practices in software maintenance.

References

https://bugs.launchpad.net/ubuntu/+source/grep/+bug/1091473

x_refsource_CONFIRM

http://www.securityfocus.com/bid/57033

vdb-entryx_refsource_BID

http://git.sv.gnu.org/gitweb/?p=grep.git%3Ba=shortlog%3Bh...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jan 3, 2013
Vulnerability Reserved
Oct 24, 2012