GNU Binutils load_specific_debug_section() function denial of service vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. A security vulnerability exists in the...

GNU Binutils Denial of Service Vulnerability (CNVD-2017-34507)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in the aoutgetexternalsymbols function in aoutx.h in the Binary File Descriptor BFD library used in GNU...

UBUNTU-CVE-2017-16827

The aoutgetexternalsymbols function in aoutx.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service slurpsymtab invalid free and application crash or possibly have unspecified other impact via a crafted E...

UBUNTU-CVE-2017-16829

The bfdelfparsegnuproperties function in elf-properties.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service out-of-bounds read and application crash or possibl...

UBUNTU-CVE-2017-16805

In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a denial of service invalid read and application crash via a crafted ELF file, related to rbindwarfparsecompunit in dwarf.c and sdbsetinternal in shlr/sdb/src/sdb.c...

UBUNTU-CVE-2017-15939

dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles NULL files in a .debugline file table, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted ELF file, related to...

GNU Binutils libbfd dwarf2.c DW_AT_name Denial of Service Vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

UBUNTU-CVE-2017-15024

findabstractinstancename in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service infinite recursion and application crash via a crafted ELF file...

UBUNTU-CVE-2017-15021

bfdgetdebuglinkinfo1 in opncls.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to bfdgetl32...

UBUNTU-CVE-2017-14939

decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to...

UBUNTU-CVE-2017-14934

processdebuginfo in dwarf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service infinite loop via a crafted ELF file that contains a negative size value in a CU structure...

GNU Binutils Denial of Service Vulnerability (CNVD-2017-30073)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library used in GNU Binutils, which can be...

GNU Binutils BFD *_get_synthetic_symtab function denial of service vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

UBUNTU-CVE-2017-14529

The peprintidata function in peXXigen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted PE file...

CVE-2017-10860

Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 JST allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory...

DEBIAN-CVE-2017-14129

The readsection function in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service parsecompunit heap-based buffer over-read and application crash via a crafted ELF file...

CVE-2017-5208

Integer overflow in the wrestool program in icoutils before 0.31.1 allows remote attackers to cause a denial of service memory corruption via a crafted executable, which triggers a denial of service application crash or the possibility of execution of arbitrary code...

AppCheck and AppCheck Pro Untrustworthy Search Path Vulnerabilities

AppCheck and AppCheck Pro are both anti-tampering software. An untrusted search path vulnerability exists in AppCheck versions prior to 2.0.1.15 and AppCheck Pro versions prior to 2.0.1.15. An attacker can exploit this vulnerability to execute arbitrary code with the help of a specially crafted...

UBUNTU-CVE-2017-9038

GNU Binutils 2.28 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to the bytegetlittleendian function in elfcomm.c, the getunwindsectionword function in readelf.c, and ARM unwind information that contains inval...

CVE-2017-2167

Untrusted search path vulnerability in Installer for PrimeDrive Desktop Application version 1.4.4 and earlier allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory...