CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

594 matches found

0day.today•added 2017/06/19 12:0 a.m.•51 views

GNU binutils - rx_decode_opcode Buffer Overflow Exploit

Exploit for linux platform in category dos / poc Source: https://sourceware.org/bugzilla/showbug.cgi?id=21587 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...

6.8CVSS6.6AI score0.08111EPSS

Exploits1

Exploit DB•added 2017/06/19 12:0 a.m.•47 views

GNU binutils - 'print_insn_score16' Buffer Overflow

Source: https://sourceware.org/bugzilla/showbug.cgi?id=21576 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the reduced stacktrace with links to the correspondin...

7.4AI score

Exploits0

Exploit DB•added 2017/06/19 12:0 a.m.•25 views

GNU binutils - 'aarch64_ext_ldst_reglist' Buffer Overflow

Source: https://sourceware.org/bugzilla/showbug.cgi?id=21595 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the reduced stacktrace with links to the correspondin...

7AI score

Exploits0

Exploit DB•added 2017/06/19 12:0 a.m.•46 views

GNU binutils - 'rx_decode_opcode' Buffer Overflow

Source: https://sourceware.org/bugzilla/showbug.cgi?id=21587 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the reduced stacktrace with links to the correspondin...

7.4AI score

Exploits0

Exploit DB•added 2017/06/19 12:0 a.m.•37 views

GNU binutils - 'decode_pseudodbg_assert_0' Buffer Overflow

Source: https://sourceware.org/bugzilla/showbug.cgi?id=21586 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the reduced stacktrace with links to the correspondin...

7.4AI score

Exploits0

Exploit DB•added 2017/06/19 12:0 a.m.•33 views

GNU binutils - 'ieee_object_p' Stack Buffer Overflow

Source: https://sourceware.org/bugzilla/showbug.cgi?id=21582 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the reduced stacktrace with links to the correspondin...

7.4AI score

Exploits0

Exploit DB•added 2017/06/19 12:0 a.m.•72 views

GNU binutils - 'bfd_get_string' Stack Buffer Overflow

Source: https://sourceware.org/bugzilla/showbug.cgi?id=21581 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the reduced stacktrace with links to the correspondin...

7.4AI score

Exploits0

Positive Technologies•added 2017/06/19 12:0 a.m.•2 views

PT-2017-19149 · Gnu +1 · Gnu Binutils +1

Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.28 Description: The issue allows remote attackers to cause a denial of service, resulting in a buffer overflow and application crash, or possibly have other unspecified impacts. This can be achieved by using a crafted...

9.8CVSS8.1AI score0.08544EPSS

Exploits67References456

RedhatCVE•added 2017/05/10 9:22 a.m.•25 views

CVE-2017-8396

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability causes programs that condu...

7.5CVSS1.6AI score0.01839EPSS

Exploits0References1

RedhatCVE•added 2017/05/10 9:22 a.m.•23 views

CVE-2017-8397

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing relocs with negative addresses. This vulnerability causes programs that conduct an...

7.5CVSS2.2AI score0.01846EPSS

Exploits0References1

RedhatCVE•added 2017/05/10 9:21 a.m.•22 views

CVE-2017-8392

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check to determine whether symbols are NULL in the bfddwarf2findnearestline function. This vulnerability causes programs that conduct an analysis...

7.5CVSS1.3AI score0.0145EPSS

Exploits0References1

RedhatCVE•added 2017/05/10 9:21 a.m.•17 views

CVE-2017-8398

dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 during dumping of debug information from a corrupt binary. This vulnerability causes programs that conduct an analysis of binary programs, such as objdump and readelf, to crash...

7.5CVSS1.9AI score0.01968EPSS

Exploits0References1

RedhatCVE•added 2017/05/10 9:20 a.m.•30 views

CVE-2017-8421

The function coffsetalignmenthook in coffcode.h in Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dumprelocsinsection in objdump.c can...

7.1CVSS2.2AI score0.00964EPSS

Exploits0References1

CNVD•added 2017/05/03 12:0 a.m.•3 views

GNU Binutils Buffer Overflow Vulnerability (CNVD-2017-06998)

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. GNU Binutils suffers from a buffer...

7.5CVSS8AI score0.01968EPSS

Exploits0References1