Unrated severityNVD Advisory· Published Jan 3, 2013· Updated Apr 29, 2026
CVE-2012-5667
CVE-2012-5667
Description
Multiple integer overflows in GNU Grep before 2.11 might allow context-dependent attackers to execute arbitrary code via vectors involving a long input line that triggers a heap-based buffer overflow.
Affected products
18cpe:2.3:a:gnu:grep:*:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:a:gnu:grep:*:*:*:*:*:*:*:*range: <=2.10
- cpe:2.3:a:gnu:grep:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.5.1:a:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:grep:2.9:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- git.savannah.gnu.org/cgit/grep.git/commit/nvdPatch
- git.savannah.gnu.org/cgit/grep.git/commit/nvdPatch
- lists.gnu.org/archive/html/bug-grep/2012-12/msg00004.htmlnvd
- openwall.com/lists/oss-security/2012/12/22/6nvd
- rhn.redhat.com/errata/RHSA-2015-1447.htmlnvd
- www.securityfocus.com/bid/57033nvd
- bugs.launchpad.net/ubuntu/+source/grep/+bug/1091473nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.