CVE-2012-3404

EPSS 0.60% · P70 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-3404

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

GNU glibc 格式化打印功能数字错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

GNU C Library（又名glibc，libc6）是一种按照LGPL许可协议发布的开源免费的C语言编译程序。 GNU C Library（又名glibc）2.12和其他版本中的libc中的stdio-common/vfprintf.c文件中的‘vfprintf’函数中存在安全漏洞，该漏洞源于程序没有正确地计算缓冲区长度。攻击者可借助使用positional参数和许多格式说明符的格式字符串，利用该漏洞绕过FORTIFY_SOURCE格式化字符串保护机制，造成拒绝服务（栈损坏和程序崩溃）。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2012-3404

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2012-3404

请登录查看更多情报信息。

https://bugzilla.redhat.com/show_bug.cgi?id=833703x_refsource_CONFIRM
https://sourceware.org/bugzilla/show_bug.cgi?id=12445x_refsource_CONFIRM
http://www.ubuntu.com/usn/USN-1589-1vendor-advisoryx_refsource_UBUNTU
http://rhn.redhat.com/errata/RHSA-2012-1098.htmlvendor-advisoryx_refsource_REDHAT
https://security.gentoo.org/glsa/201503-04vendor-advisoryx_refsource_GENTOO
http://rhn.redhat.com/errata/RHSA-2012-1200.htmlvendor-advisoryx_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2012/07/11/17mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2012-3404

Same Patch Batch · n/a · 2014-02-10 · 19 CVEs total

CVE-2013-6024		多款F5产品信息泄露漏洞
CVE-2014-1876		Oracle OpenJDK和Oracle Java JDK 不安全临时文件创建漏洞
CVE-2014-1213		Sophos Anti-Virus engine 安全绕过漏洞
CVE-2013-2214		Nagios 权限许可和访问控制问题漏洞
CVE-2013-2055		Apache Wicket 信息泄露漏洞
CVE-2012-0064		X.Org xkeyboard-config组件权限许可和访问控制漏洞
CVE-2011-4610		Red Hat JBoss Web 缓冲区溢出漏洞
CVE-2014-1931		Visibility Software Cyber Recruiter 信息泄露漏洞
CVE-2014-1930		Visibility Software Cyber Recruiter 信息泄露漏洞
CVE-2010-4777		Perl‘Perl_reg_numbered_buff_fetch’函数输入验证漏洞
CVE-2013-4736		Qualcomm Innovation Center Android for MSM 整数溢出漏洞
CVE-2012-3406		GNU glibc 格式化打印功能权限许可和访问控制漏洞
CVE-2012-3405		GNU glibc 格式化打印功能数字错误漏洞
CVE-2012-2328		Standards-Based Linux Instrumentation for Manageability CIM Client 加密问题漏洞
CVE-2011-4930		Condor 格式化字符串漏洞
CVE-2011-4093		libnet6 整数溢出漏洞
CVE-2011-4092		obby 输入验证漏洞
CVE-2011-4091		libnet6 授权问题漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2012-3404

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2012-3404

I. Basic Information for CVE-2012-3404

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2012-3404

III. Intelligence Information for CVE-2012-3404

Same Patch Batch · n/a · 2014-02-10 · 19 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2012-3404

Leave a comment