CVE-2012-4409

Public Exploit

Description

Stack-based buffer overflow in the check_file_head function in extra.c in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not properly handled during decryption.

References

Link	Tags
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/086519.html	vendor advisory
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088281.html	vendor advisory
http://packetstormsecurity.org/files/116268/mcrypt-2.6.8-Buffer-Overflow-Proof-Of-Concept.html	exploit
http://lists.fedoraproject.org/pipermail/package-announce/2012-September/087542.html	vendor advisory
http://www.openwall.com/lists/oss-security/2012/09/06/4	mailing list
http://secunia.com/advisories/51010	third party advisory
http://www.securitytracker.com/id?1027532	vdb entry
http://secunia.com/advisories/50507	third party advisory vendor advisory
https://bugzilla.redhat.com/show_bug.cgi?id=855029

Frequently Asked Questions

What is the severity of CVE-2012-4409?: CVE-2012-4409 has been scored as a medium severity vulnerability.
How to fix CVE-2012-4409?: To fix CVE-2012-4409, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2012-4409 being actively exploited in the wild?: It is possible that CVE-2012-4409 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~59% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-119 – Improper Restriction of Operations within the Bounds of a Memory Buffer

References

Frequently Asked Questions