83 matches found
CVE-2017-14939
decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to...
CVE-2017-14938
bfdelfslurpversiontables in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service excessive memory allocation and application crash via a crafted ELF file...
CVE-2017-14933
readformattedentries in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service infinite loop via a crafted ELF file...
CVE-2017-14932
decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service infinite loop via a crafted ELF file...
CVE-2017-14745
The getsyntheticsymtab functions in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service integer overflow and application crash or possib...
CVE-2017-14729
The getsyntheticsymtab functions in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have...
CVE-2017-14729
CVE-2017-14729 affects the Binary File Descriptor (BFD) library (libbfd) in GNU Binutils 2.29. The vulnerability is triggered by non-unique PLT entries for a symbol in elf32-i386.c and elf64-x86-64.c, allowing remote attackers to cause a heap-based buffer overflow and application crash via a craf...
CVE-2017-14729
The getsyntheticsymtab functions in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have...
CVE-2017-14529
The peprintidata function in peXXigen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted PE file...
CVE-2017-14529
The peprintidata function in peXXigen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted PE file...
CVE-2017-14529
CVE-2017-14529 affects the Binary File Descriptor (BFD) library (libbfd) used by GNU Binutils 2.29. The vulnerability is in the pe_print_idata function in peXXigen.c, where HintName vector entries are mishandled, enabling a crafted PE file to trigger a heap-based buffer over-read and cause an app...
Integer overflow
The processversionsections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service Integer Overflow, and hang because of a time-consuming loop or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vnnext, during "readelf -a...
CVE-2017-14129
The readsection function in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service parsecompunit heap-based buffer over-read and application crash via a crafted ELF file...
CVE-2017-14130
The bfdelfparseattributes function in elf-attrs.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service bfdelfattrstrdup heap-based buffer over-read and application crash via a crafted ELF file...
CVE-2017-14130
The bfdelfparseattributes function in elf-attrs.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service bfdelfattrstrdup heap-based buffer over-read and application crash via a crafted ELF file...
CVE-2017-14129
CVE-2017-14129 : The read_section function in dwarf2.c of GNU Binutils’ libbfd (Binutils 2.29) is vulnerable to a heap-based buffer over-read in parse of crafted ELF files, enabling remote denial of service via crashing the application. The description explicitly ties the issue to Binutils 2.29 a...
CVE-2017-14130
The bfdelfparseattributes function in elf-attrs.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service bfdelfattrstrdup heap-based buffer over-read and application crash via a crafted ELF file...
CVE-2017-13757
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to elfi386getsyntheticsymtab...
CVE-2017-13716
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service excessive memory allocation and application crash via a crafted file, as demonstrated by a call from the Binary File Descriptor BFD library aka...
Design/Logic Flaw
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service excessive memory allocation and application crash via a crafted file, as demonstrated by a call from the Binary File Descriptor BFD library aka...