Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1902

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2006-1902
Last Modified 10 Feb 2011 12:00:00
Published 20 Apr 2006 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-1902

Summary

fold_binary in fold-const.c in GNU Compiler Collection (gcc) 4.1 improperly handles pointer overflow when folding a certain expr comparison to a corresponding offset comparison in cases other than EQ_EXPR and NE_EXPR, which might introduce buffer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.NOTE: the vendor states that the essence of the issue is "not correctly interpreting an offset to a pointer as a signed value."

Vulnerable Systems

Application

  • Gnu Gcc 4.1


References

BUGTRAQ - 20060418 RE: gcc 4.1 bug miscompiles pointer range checks, may place you at risk

BUGTRAQ - 20060417 gcc 4.1 bug miscompiles pointer range checks, may place you at risk

BUGTRAQ - 20060418 Re: gcc 4.1 bug miscompiles pointer range checks, may place you at risk

CONFIRM - http://gcc.gnu.org/viewcvs/branches/gcc-4_1-branch/gcc/fold-const.c?r1=110549&r2=112698&pathrev=112698&diff_format=h

MLIST - [gcc-bugs] 20060417 [Bug middle-end/27180] New: pointer arithmetic overflow handling broken

MLIST - [gcc-bugs] 20060417 [Bug c/27180] New: pointer arithmetic overflow handling broken

CONFIRM - http://gcc.gnu.org/bugzilla/show_bug.cgi?id=26763

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=356896


Last Updated: 27 May 2016 10:42:15