rpm package
suse/nasm&distro=SUSE Linux Enterprise Software Development Kit 12 SP3
pkg:rpm/suse/nasm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-11111 | Hig | 7.8 | < 2.10.09-4.5.1 | 2.10.09-4.5.1 | Jul 8, 2017 | In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | |
| CVE-2017-10686 | Hig | 7.8 | < 2.10.09-4.5.1 | 2.10.09-4.5.1 | Jun 29, 2017 | In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function (called by pp_getline()) - it is used again at multiple positions later that cou |
- affected < 2.10.09-4.5.1fixed 2.10.09-4.5.1
In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
- affected < 2.10.09-4.5.1fixed 2.10.09-4.5.1
In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. The related heap is allocated in the token() function and freed in the detoken() function (called by pp_getline()) - it is used again at multiple positions later that cou