CVE-2012-2676

Hoard < 3.8 - Integer Overflow in malloc and calloc

Title source: llm
STIX 2.1

Description

Multiple integer overflows in the (1) malloc and (2) calloc functions in Hoard before 3.9 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows on implementing code via a large size value, which causes less memory to be allocated than expected.

References (4)

Core 4
Core References
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/06/05/1
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2012/06/07/13

Scores

EPSS 0.0114
EPSS Percentile 62.9%

Details

CWE
CWE-189
Status published
Products (1)
emery_berger/hoard < 3.8
Published Jul 25, 2012
Tracked Since Feb 18, 2026