What is CVE-2012-4409?

CVE-2012-4409 is a vulnerability in Mcrypt, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-11-21.

Is CVE-2012-4409 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Mcrypt

CVE-2012-4409

Stack-based buffer overflow in the check_file_head function in extra.c in mcrypt 2.6.8 and earlier allows user-assisted remote attackers to execute arbitrary code via an encrypted file with a crafted header containing long salt data that i…

Vulnerability class: Buffer Overflow

EPSS: 0.587 (98.3th percentile) — read the EPSS interpretation.

Affected products

Mcrypt — versions 2.6.4, 2.6.5, 2.6.6
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

References

FEDORA-2012-13599 (x_refsource_FEDORA, vendor-advisory)
FEDORA-2012-13657 (x_refsource_FEDORA, vendor-advisory)
secalert@redhat.com (Exploit, x_refsource_MISC)
FEDORA-2012-13656 (x_refsource_FEDORA, vendor-advisory)
[oss-security] 20120906 Re: CVE request - mcrypt buffer overflow flaw (mailing-list, x_refsource_MLIST)
51010 (x_refsource_SECUNIA, third-party-advisory)
1027532 (vdb-entry, x_refsource_SECTRACK)
50507 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
secalert@redhat.com (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2012-4409?: CVE-2012-4409 is a vulnerability in Mcrypt, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2012-11-21.
Is CVE-2012-4409 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.