Red Hat Bugzilla – Bug 599070
CVE-2009-4880 glibc (32-bit): Multiple integer overflows in the printf implementation
Last modified: 2016-03-04 07:39:19 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2009-4880 to
the following vulnerability:
Multiple integer overflows in the strfmon implementation in the GNU C
Library (aka glibc or libc6) 2.10.1 and earlier allow
context-dependent attackers to cause a denial of service (memory
consumption or application crash) via a crafted format string, as
demonstrated by a crafted first argument to the money_format function
in PHP, a related issue to CVE-2008-1391.
Public PoC (from ):
[cx@localhost ~]$ php -r 'money_format("%.1073741821i",1);'
More details on this bug can be found in upstream bugzilla #10600 or in Fedora bug #496386.
Both issues affecting glibc and reported in SecurityReason Advisory 67 are corrected in Red Hat Enterprise Linux 6 glibc packages.
Red Hat does not consider this bug to be a security issue. Properly written application should not use arbitrary untrusted data as part of the format string passed to functions as strfmon or printf family functions.