5922 matches found
CVE-2014-8485
The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted section group headers in an ELF file...
Code injection
The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted section group headers in an ELF file...
CVE-2014-8484
The srecscan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service out-of-bounds read via a small S-record...
Out-of-bounds
The srecscan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service out-of-bounds read via a small S-record...
Out-of-bounds
The bfdXXiswapaouthdrin function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service out-of-bounds write and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable...
Stack overflow
Stack-based buffer overflow in the ihexscan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a crafted ihex file...
Stack overflow
Stack-based buffer overflow in the srecscan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a crafted file...
Heap overflow
Heap-based buffer overflow in the peprintedata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a truncated export table in a PE file...
Directory traversal
Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. dot dot or full path name in an archive to 1 strip or 2 objcopy or create arbitrary files via 3 a .. dot dot or full path name in an archive to ar...
DEBIAN-CVE-2014-8484
The srecscan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service out-of-bounds read via a small S-record...
CVE-2014-8484
The srecscan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service out-of-bounds read via a small S-record...
CVE-2014-8737
CVE-2014-8737 is a directory traversal vulnerability in GNU Binutils up to version 2.24, enabling a local attacker to delete arbitrary files or create arbitrary files by crafting archive paths (dot-dot or full paths) in strip, objcopy, or ar. Affected component set includes binutils and its archi...
CVE-2014-8484
GNU Binutils libbfd contains a vulnerability in srec_scan (bdf/srec.c) that allows a remote attacker to cause a denial of service (out-of-bounds read) by supplying a crafted small S-record. Affected product: GNU Binutils (libbfd). Root cause: memory safety flaw in srec_scan; the issue exists in b...
CVE-2014-8484
The srecscan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service out-of-bounds read via a small S-record...
CVE-2014-8485
The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted section group headers in an ELF file...
CVE-2014-8737
Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. dot dot or full path name in an archive to 1 strip or 2 objcopy or create arbitrary files via 3 a .. dot dot or full path name in an archive to ar...
CVE-2014-8504
Stack-based buffer overflow in the srecscan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a crafted file...
CVE-2014-8502
Heap-based buffer overflow in the peprintedata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a truncated export table in a PE file...
CVE-2014-8503
Stack-based buffer overflow in the ihexscan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a crafted ihex file...
CVE-2014-8485
The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted section group headers in an ELF file...