Exploitation Summary
EIP tracks 1 public exploit for CVE-2013-4788. PoCs published by Hector Marco & Ismael Ripoll.
AI-analyzed exploit summary: This exploit targets a vulnerability in the `setjmp`/`longjmp` functions by manipulating the return address in the `jmp_buf` structure to achieve arbitrary code execution. The PoC attempts to overwrite the return address with a rotated value pointing to a `hacked()` function that spawns a shell.
Description
The PTR_MANGLE implementation in the GNU C Library (aka glibc or libc6) 2.4, 2.17, and earlier, and Embedded GLIBC (EGLIBC) does not initialize the random value for the pointer guard, which makes it easier for context-dependent attackers to control execution flow by leveraging a buffer-overflow vulnerability in an application and using the known zero value pointer guard to calculate a pointer address.
Exploits (1)