CVSS: 5.5EPSS: 1%CPEs: 8EXPL: 2CVE-2014-8738 – binutils: out of bounds memory write
https://notcve.org/view.php?id=CVE-2014-8738
14 Jan 2015 — The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive. La función _bfd_slurp_extended_name_table en bfd/archive.c en GNU binutils 2.24 y anteriores permite a atacantes remotos causar una denegación de servicio (escritura inválida, fallo de segmentación y caída) a través de una tabla extendida de nombres manipulada en un ar... • http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147346.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 1CVE-2014-8485 – binutils: lack of range checking leading to controlled write in _bfd_elf_setup_sections()
https://notcve.org/view.php?id=CVE-2014-8485
09 Dec 2014 — The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file. La función setup_group en bfd/elf.c en libbfd en GNU binutils 2.24 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de cabeceras de grupo de sección manipuladas en un fichero ELF. A buffer overflow f... • http://lcamtuf.blogspot.co.uk/2014/10/psa-dont-run-strings-on-untrusted-files.html • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-822: Untrusted Pointer Dereference •
CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 1CVE-2014-8503 – binutils: stack overflow in objdump when parsing specially crafted ihex file
https://notcve.org/view.php?id=CVE-2014-8503
09 Dec 2014 — Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file. Desbordamiento de buffer basado en pila en la función ihex_scan en bfd/ihex.c en GNU binutils 2.24 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) y posiblemente tener otro impacto no especificado a través de un fichero ihex manipulado. A stack-ba... • http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145262.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 7.5EPSS: 1%CPEs: 8EXPL: 1CVE-2014-8501 – binutils: out-of-bounds write when parsing specially crafted PE executable
https://notcve.org/view.php?id=CVE-2014-8501
09 Dec 2014 — The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable. La función _bfd_XXi_swap_aouthdr_in en bfd/peXXigen.c en GNU binutils 2.24 y anteriores permite a atacantes remotos causar una denegación de servicio (escritura fuera de rango) y posiblemente tener otro impacto no especificado... • http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145262.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 2%CPEs: 8EXPL: 0CVE-2014-8484 – binutils: invalid read flaw in libbfd
https://notcve.org/view.php?id=CVE-2014-8484
09 Dec 2014 — The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record. La función srec_scan en bfd/srec.c en libdbfd en GNU binutils anterior a 2.25 permite a atacantes remotos causar una denegación de servicio (lectura fuera de rango) a través de un S-record pequeño. An integer overflow flaw was found in the way the strings utility processed certain files. If a user were tricked into running the strings uti... • http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145262.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-839: Numeric Range Comparison Without Minimum Check •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 2CVE-2014-8737 – binutils: directory traversal vulnerability
https://notcve.org/view.php?id=CVE-2014-8737
09 Dec 2014 — Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) or full path name in an archive to ar. Múltiples vulnerabilidades de salto de directorio en GNU binutils 2.24 y anteriores permiten a usuarios locales eliminar ficheros arbitrarios a través de un .. (punto punto) o nombre completo de ruta en un archivo en (1) st... • http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145256.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 3CVE-2014-8504 – binutils: stack overflow in the SREC parser
https://notcve.org/view.php?id=CVE-2014-8504
09 Dec 2014 — Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file. Desbordamiento de buffer basado en pila en la función srec_scan en bfd/srec.c en GNU binutils 2.24 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) y posiblemente tener orto impacto no especificado a través de un fichero manipulado. A stack-based buffer... • http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145262.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 8.8EPSS: 1%CPEs: 8EXPL: 1CVE-2014-8502 – binutils: heap overflow in objdump when parsing a crafted ELF/PE binary file (incomplete fix for CVE-2014-8485)
https://notcve.org/view.php?id=CVE-2014-8502
09 Dec 2014 — Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE file. Desbordamiento de buffer basado en memoria dinámica en la función pe_print_edata en bfd/peXXigen.c en GNU binutils 2.24 y anteriores permite a atacantes remotos causar una denegación de servicio (caída) y posiblemente tener orto impacto no especificado a t... • http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145262.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 3CVE-2006-2362 – GNU BinUtils 2.1x - Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-2362
15 May 2006 — Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character. • https://www.exploit-db.com/exploits/27856 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2005-4808
https://notcve.org/view.php?id=CVE-2005-4808
31 Dec 2005 — Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file. • http://sources.redhat.com/bugzilla/show_bug.cgi?id=1069 •