CVE-2011-2168 Information

Description

Multiple integer overflows in the glob implementation in libc in OpenBSD before 4.9 might allow context-dependent attackers to have an unspecified impact via a crafted string related to the GLOB_APPEND and GLOB_DOOFFS flags a different issue than CVE-2011-0418.

Reference

http://securityreason.com/achievement_securityalert/97 http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/glob.crev1.35 http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libc/gen/glob.c.diff?r1=1.34;r2=1.35;f=h http://www.securityfocus.com/bid/48004