Unrated severityNVD Advisory· Published Aug 25, 2012· Updated Jun 16, 2026

CVE-2012-3480

Description

Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

GNU/Glibc
cpe:2.3:a:gnu:glibc:2.16:*:*:*:*:*:*:*
GNU/C Libraryllm-fuzzy
Range: 2.16

Patches

Vulnerability mechanics

References

secunia.com/advisories/50201nvdVendor Advisory
lists.fedoraproject.org/pipermail/package-announce/2012-August/085190.htmlnvd
osvdb.org/84710nvd
rhn.redhat.com/errata/RHSA-2012-1207.htmlnvd
rhn.redhat.com/errata/RHSA-2012-1208.htmlnvd
rhn.redhat.com/errata/RHSA-2012-1262.htmlnvd
rhn.redhat.com/errata/RHSA-2012-1325.htmlnvd
secunia.com/advisories/50422nvd
sourceware.org/bugzilla/show_bug.cginvd
www.openwall.com/lists/oss-security/2012/08/13/4nvd
www.openwall.com/lists/oss-security/2012/08/13/6nvd
www.securityfocus.com/bid/54982nvd
www.securitytracker.com/idnvd
www.ubuntu.com/usn/USN-1589-1nvd
security.gentoo.org/glsa/201503-04nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000