LIEF 代码问题漏洞

LIEF is a cross-platform library from the individual developer Romain Thomas. It is used to parse, modify and abstract Elf, Pe and MachO formats. A code issue vulnerability exists in LIEF 0.17.1 and earlier versions, which stems from a null pointer dereference in the file src/ELF/Parser.tcc in th...

Medium: cuda-sandbox-devel-12-9

Issue Overview: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this...

SUSE CVE-2018-7642

The swapstdrelocin function in aoutx.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service aout32swapstdrelocout NULL pointer dereference and application crash via a crafted ELF file, as demonstrated by...

LIEF 缓冲区错误漏洞

LIEF is a cross-platform library from the individual developer Romain Thomas. It is used to parse, modify and abstract Elf, Pe and MachO formats. LIEF has a security vulnerability that stems from a heap buffer overflow in the printbinary function in /c/machoreader.c. The vulnerability is caused b...

The vulnerability of the elf::section::as_strtab function in the library for reading ELF and DWARF v4 files in Libelfin allows a attacker to cause a service failure.

The vulnerability of the elf::section::asstrtab function in the library for reading ELF and DWARF v4 files is related to insufficient elimination of special elements in the request. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created ELF...

UBUNTU-CVE-2018-18521

Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by eu-ranlib, because a zero shentsize is mishandled...

DEBIAN-CVE-2018-17358

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. An invalid memory access exists in bfdstabsectionfindnearestline in syms.c. Attackers could leverage this vulnerability to cause a denial of service application crash via a crafted E...

file: multiple denial of service issues (resource consumption)

Multiple flaws were found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to consume an excessive amount of system resources...

file: denial of service issue (resource consumption)

A flaw was found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use this flaw to cause a PHP application using fileinfo to consume an excessive amount of system resources...

file: malformed elf file causes access to uninitialized memory

A flaw was found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use this flaw to cause a PHP application using fileinfo to crash or disclose certain portions of server memory...

Scientific Linux Security Update : php on SL6.x, SL7.x i386/x86_64 (20141030)

A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exifthumbnail function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. CVE-2014-3670 An integer overflo...

CVE-2012-1444

The ELF file parser in eSafe 7.0.17.0, Prevx 3.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified abiversion field. NOTE: this may later be SPLIT into multiple CVEs if additional information is publishe...