// For flags

CVE-2012-4412

GNU glibc - 'strcoll()' Routine Integer Overflow

Severity Score

7.5
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a heap-based buffer overflow.

Desbordamiento de enteros en string/strcoll_l.c en GNU C Library (también conocida como glibc o libc6) 2.17 y anteriores versiones permite a atacantes dependientes del contexto provocar una denegación del servicio (cuelgue) o posiblemente ejecutar código arbitrario a través de una cadena larga, lo que provoca un desbordamiento de buffer basado en memoria dinámica.

The industrial managed switch series 852 from WAGO is affected by multiple vulnerabilities such as old software components embedded in the firmware. Furthermore, hardcoded password hashes and credentials were also found by doing an automated scan with IoT Inspector.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-08-21 CVE Reserved
  • 2012-09-07 First Exploit
  • 2013-10-09 CVE Published
  • 2023-11-26 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-189: Numeric Errors
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
<= 2.17
Search vendor "Gnu" for product "Glibc" and version " <= 2.17"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.0
Search vendor "Gnu" for product "Glibc" and version "2.0"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.0.1
Search vendor "Gnu" for product "Glibc" and version "2.0.1"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.0.2
Search vendor "Gnu" for product "Glibc" and version "2.0.2"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.0.3
Search vendor "Gnu" for product "Glibc" and version "2.0.3"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.0.4
Search vendor "Gnu" for product "Glibc" and version "2.0.4"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.0.5
Search vendor "Gnu" for product "Glibc" and version "2.0.5"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.0.6
Search vendor "Gnu" for product "Glibc" and version "2.0.6"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.1
Search vendor "Gnu" for product "Glibc" and version "2.1"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.1.1
Search vendor "Gnu" for product "Glibc" and version "2.1.1"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.1.1.6
Search vendor "Gnu" for product "Glibc" and version "2.1.1.6"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.1.2
Search vendor "Gnu" for product "Glibc" and version "2.1.2"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.1.3
Search vendor "Gnu" for product "Glibc" and version "2.1.3"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.1.9
Search vendor "Gnu" for product "Glibc" and version "2.1.9"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.10.1
Search vendor "Gnu" for product "Glibc" and version "2.10.1"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.11
Search vendor "Gnu" for product "Glibc" and version "2.11"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.11.1
Search vendor "Gnu" for product "Glibc" and version "2.11.1"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.11.2
Search vendor "Gnu" for product "Glibc" and version "2.11.2"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.11.3
Search vendor "Gnu" for product "Glibc" and version "2.11.3"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.12.1
Search vendor "Gnu" for product "Glibc" and version "2.12.1"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.12.2
Search vendor "Gnu" for product "Glibc" and version "2.12.2"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.13
Search vendor "Gnu" for product "Glibc" and version "2.13"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.14
Search vendor "Gnu" for product "Glibc" and version "2.14"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.14.1
Search vendor "Gnu" for product "Glibc" and version "2.14.1"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.15
Search vendor "Gnu" for product "Glibc" and version "2.15"
-
Affected
Gnu
Search vendor "Gnu"
Glibc
Search vendor "Gnu" for product "Glibc"
2.16
Search vendor "Gnu" for product "Glibc" and version "2.16"
-
Affected