290 matches found
CVE-2017-12450
The alphavmsobjectp function in bfd/vms-alpha.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file...
CVE-2017-12450
The alphavmsobjectp function in bfd/vms-alpha.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file...
CVE-2017-12449
The bfdvmssavesizedstring function in vms-misc.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file...
UBUNTU-CVE-2017-12453
The bfdvmsslurpeeom function in libbfd.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file...
UBUNTU-CVE-2017-12455
The evaxbfdprintemh function in vms-alpha.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file...
CVE-2017-12450
CVE-2017-12450 concerns the GNU Binutils libbfd component, specifically the alpha_vms_object_p path in vms-alpha.c. The advisory text in the connected sources confirms an out-of-bounds heap write vulnerability exploitable via crafted vms alpha files, which could lead to code execution. The affect...
CVE-2017-12454
CVE-2017-12454 affects the Binary File Descriptor (BFD) library (libbfd) in GNU Binutils up to version 2.29. The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c can be triggered by a crafted VMS Alpha file to cause an arbitrary memory read. This entry (CVE-2017-12454) is corroborated by connected...
CVE-2017-12459
CVE-2017-12459 affects GNU Binutils (libbfd) specifically the bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c, distributed in Binutils 2.29 and earlier. The root cause is an out-of-bounds heap write triggered by processing crafted Mach-O files, enabling a remote attacker to potentially ach...
CVE-2017-12453
The bfdvmsslurpeeom function in libbfd.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file...
CVE-2017-12458
CVE-2017-12458 affects GNU Binutils libbfd (nlm_swap_auxiliary_headers_in in bfd/nlmcode.h). As distributed in Binutils 2.29 and earlier, it allows a remote attacker to cause an out-of-bounds heap read via a crafted nlm file. The vulnerability is tied to the nlm_swap_auxiliary_headers_in routine ...
CVE-2017-12451
CVE-2017-12451 affects the GNU Binutils libbfd prior to 2.30. The vulnerability is in the _bfd_xcoff_read_ar_hdr function (files coff-rs6000.c and coff64-rs6000.c) and can cause an out-of-bounds stack read when processing a crafted COFF image. This could enable a remote attacker to read memory vi...
CVE-2017-12453
CVE-2017-12453 affects the GNU Binutils libbfd (Binary File Descriptor) library, with Binutils 2.29 and earlier being vulnerable. The flaw is an out-of-bounds heap read via a crafted vms alpha file in the _bfd_vms_slurp_eeom function of libbfd.c. This enables a remote attacker to read memory from...
CVE-2017-9954
The getvalue function in tekhex.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted tekhex file, as demonstrated by mishandling within the...
CVE-2017-9747
The ieeearchivep function in bfd/ieee.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, a...
CVE-2017-9954
The getvalue function in tekhex.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted tekhex file, as demonstrated by mishandling within the...
CVE-2017-9954
The getvalue function in tekhex.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted tekhex file, as demonstrated by mishandling within the...
CVE-2017-9955
The getbuildid function in opncls.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file in which a certain size field is larger than a...
CVE-2017-9954
The CVE-2017-9954 issue affects GNU Binutils’ Binary File Descriptor library (libbfd), specifically the tekhex.c getvalue function. A crafted tekhex file can trigger a stack-based buffer over-read in nm, causing an application crash (DoS). Root cause is mishandling in getvalue within tekhex.c of ...
Buffer overflow
The bfdvmsslurpetir function in bfd/vms-alpha.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file...
CVE-2017-9752
bfd/vms-alpha.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling...