CVE-2009-4880

glibc < 2.10.1 - Denial of Service via strfmon Format String Integer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-4880. PoCs published by Maksymilian Arciemowicz.

AI-analyzed exploit summary The exploit demonstrates an integer overflow in GNU glibc's money_format function via PHP, which can lead to arbitrary code execution or denial-of-service. The PoC uses specific format strings to trigger the overflow.

Description

Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumption or application crash) via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-1391.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Maksymilian Arciemowicz · textdoslinux

https://www.exploit-db.com/exploits/33230

View Code ZIP pw:eip

The exploit demonstrates an integer overflow in GNU glibc's money_format function via PHP, which can lead to arbitrary code execution or denial-of-service. The PoC uses specific format strings to trigger the overflow.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: GNU glibc 2.10.1 and prior

No auth needed

Prerequisites: PHP with vulnerable glibc version

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (13)

Core 13

Core References

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2010:111

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-201011-01.xml

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2010/1246

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-944-1

Exploit, Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/36443

Exploit x_refsource_confirm

http://sources.redhat.com/bugzilla/show_bug.cgi?id=10600

Exploit third-party-advisory x_refsource_sreasonres

http://securityreason.com/achievement_securityalert/67

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/39900

Patch x_refsource_confirm

http://sourceware.org/git/?p=glibc.git%3Ba=commit%3Bh=199eb0de8d673fb23aa127721054b4f1803d61f3

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/59242

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2010:112

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2010/dsa-2058

Issue Tracking x_refsource_misc

https://bugzilla.redhat.com/show_bug.cgi?id=524671

Scores

EPSS 0.1122

EPSS Percentile 95.4%

Details

CWE

CWE-189

Status published

Products (37)

gnu/glibc 2.0

gnu/glibc 2.0.1

gnu/glibc 2.0.2

gnu/glibc 2.0.3

gnu/glibc 2.0.4

gnu/glibc 2.0.5

gnu/glibc 2.0.6

gnu/glibc 2.1

gnu/glibc 2.1.1

gnu/glibc 2.1.1.6

... and 27 more

Published Jun 01, 2010

Tracked Since Feb 18, 2026