Lucene search

[email protected]CVE-2005-1704

HistoryMay 24, 2005 - 4:00 a.m.

CVE-2005-1704

2005-05-2404:00:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2005-1704

integer overflow

bfd library

gdb

arbitrary code execution

heap-based buffer overflow

nvd

9.6 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

48.7%

JSON

Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.

CPENameOperatorVersion
gnu:gdbgnu gdble6.3

CPE	Name	Operator	Version
gnu:gdb	gnu gdb	le	6.3

References

ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc

bugs.gentoo.org/show_bug.cgi?id=91398

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001060

secunia.com/advisories/15527

secunia.com/advisories/17001

secunia.com/advisories/17072

secunia.com/advisories/17135

secunia.com/advisories/17257

secunia.com/advisories/17356

secunia.com/advisories/17718

secunia.com/advisories/18506

secunia.com/advisories/21122

secunia.com/advisories/21262

secunia.com/advisories/21717

secunia.com/advisories/24788

security.gentoo.org/glsa/glsa-200505-15.xml

securitytracker.com/id?1016544

support.avaya.com/elmodocs2/security/ASA-2005-222.pdf

support.avaya.com/elmodocs2/security/ASA-2006-015.htm

support.avaya.com/elmodocs2/security/ASA-2006-178.htm

www.gentoo.org/security/en/glsa/glsa-200506-01.xml

www.mandriva.com/security/advisories?name=MDKSA-2005:095

www.mandriva.com/security/advisories?name=MDKSA-2005:215

www.osvdb.org/16757

www.redhat.com/support/errata/RHSA-2005-659.html

www.redhat.com/support/errata/RHSA-2005-673.html

www.redhat.com/support/errata/RHSA-2005-709.html

www.redhat.com/support/errata/RHSA-2005-763.html

www.redhat.com/support/errata/RHSA-2005-801.html

www.redhat.com/support/errata/RHSA-2006-0354.html

www.redhat.com/support/errata/RHSA-2006-0368.html

www.securityfocus.com/archive/1/464745/100/0/threaded

www.securityfocus.com/bid/13697

www.trustix.org/errata/2005/0025/

www.vmware.com/support/vi3/doc/esx-55052-patch.html

www.vupen.com/english/advisories/2007/1267

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9071

usn.ubuntu.com/136-1/

9.6 High

AI Score

Confidence

High

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

48.7%

JSON

Related for CVE-2005-1704

centos7 ubuntu2 nessus22 redhat7 gentoo2 openvas4 debiancve1 ubuntucve1 photon2