VYPR

Binutils

by GNU

Source repositories

CVEs (273)

  • CVE-2017-12455HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The evax_bfd_print_emh function in vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file.

  • CVE-2017-12454HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file.

  • CVE-2017-12453HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file.

  • CVE-2017-12452HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file.

  • CVE-2017-12451HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file.

  • CVE-2017-12450HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.02

    The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha…

  • CVE-2017-12449HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file.

  • CVE-2017-12448HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.02

    The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file.…

  • CVE-2017-9755HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated…

  • CVE-2017-9754HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    The process_otr function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or…

  • CVE-2017-9753HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    The versados_mkobject function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which allows remote attackers to cause a denial of service (buffer overflow and…

  • CVE-2017-9752HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as…

  • CVE-2017-9751HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of…

  • CVE-2017-9745HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other…

  • CVE-2017-9744HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    The sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified…

  • CVE-2017-9743HigJun 19, 2017
    risk 0.51cvss 7.8epss 0.03

    The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of…

  • CVE-2017-9043HigMay 18, 2017
    risk 0.51cvss 7.8epss 0.02

    readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.

  • CVE-2017-9042HigMay 18, 2017
    risk 0.51cvss 7.8epss 0.02

    readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.

  • CVE-2006-2362HigMay 15, 2006
    risk 0.51cvss 7.3epss 0.12

    Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted…

  • CVE-2018-12934HigJun 28, 2018
    risk 0.49cvss 7.5epss 0.03

    remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.

Page 3 of 14