3 matches found
MCrypt: User-assisted execution of arbitrary code
Background MCrypt is a replacement of the old unix crypt1 utility. Description Multiple vulnerabilities have been discovered in MCrypt: A boundary error in MCrypt could cause a stack-based buffer overflow CVE-2012-4409. MCrypt contains multiple format string errors CVE-2012-4426. MCrypt does not...
CVE-2012-4426
Multiple format string vulnerabilities in mcrypt 2.6.8 and earlier might allow user-assisted remote attackers to cause a denial of service crash or possibly execute arbitrary code via vectors involving 1 errors.c or 2 mcrypt.c...
CVE-2012-4426
MCrypt before and including version 2.6.8 contains multiple format-string vulnerabilities (CVE-2012-4426) that may allow a remote attacker to cause a crash or possibly execute arbitrary code via errors.c or mcrypt.c. The issue is documented across multiple sources (NVD, Debian/Ubuntu advisories, ...