7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.011 Low
EPSS
Percentile
84.1%
US-CERT/NIST reports:
The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU
binutils 2.24 and earlier allows remote attackers to cause a
denial of service (out-of-bounds write) and possibly have other
unspecified impact via a crafted NumberOfRvaAndSizes field in the
AOUT header in a PE executable.
US-CERT/NIST reports:
Heap-based buffer overflow in the pe_print_edata function in
bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote
attackers to cause a denial of service (crash) and possibly have
other unspecified impact via a truncated export table in a PE
file.
US-CERT/NIST reports:
Stack-based buffer overflow in the ihex_scan function in
bfd/ihex.c in GNU binutils 2.24 and earlier allows remote
attackers to cause a denial of service (crash) and possibly have
other unspecified impact via a crafted ihex file.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | cross-binutils | < 2.25 | UNKNOWN |
FreeBSD | any | noarch | x86_64-pc-mingw32-binutils | < 2.25 | UNKNOWN |
FreeBSD | any | noarch | m6811-binutils | < 2.25 | UNKNOWN |