3 matches found
CVE-2012-4409
The CVE-2012-4409 issue affects MCrypt, specifically mcrypt versions up to and including 2.6.8, due to a flaw in the check_file_head() function (extra.c). A crafted header with long salt data during decryption can trigger a stack-based buffer overflow, enabling a user-assisted remote attacker to ...
CVE-2012-4527
CVE-2012-4527: MCrypt (mcrypt) up to version 2.6.8 is affected by a stack-based buffer overflow when handling long file names, enabling a user-assisted remote attacker to crash the process or potentially execute arbitrary code. The issue is documented across multiple advisories (Gentoo GLSA 20140...
CVE-2012-4426
MCrypt before and including version 2.6.8 contains multiple format-string vulnerabilities (CVE-2012-4426) that may allow a remote attacker to cause a crash or possibly execute arbitrary code via errors.c or mcrypt.c. The issue is documented across multiple sources (NVD, Debian/Ubuntu advisories, ...