CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-16831 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-16831
15 Nov 2017 — coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service (integer overflow and application crash, or excessive memory allocation) or possibly have unspecified other impact via a crafted PE file. coffgen.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29.1 no valida el recuento de símbolos, lo que per... • https://security.gentoo.org/glsa/201811-17 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-16832 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-16832
15 Nov 2017 — The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted PE file. La función pe_bfd_read_buildid en peicode.h en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distri... • https://security.gentoo.org/glsa/201811-17 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-16826 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-16826
15 Nov 2017 — The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted PE file. La función coff_slurp_line_table en coffcode.h en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29.1 permite que atacantes remotos provoque... • https://security.gentoo.org/glsa/201811-17 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-16830 – Gentoo Linux Security Advisory 201811-17
https://notcve.org/view.php?id=CVE-2017-16830
15 Nov 2017 — The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted ELF file. La función GNU Binutils en readelf.c en GNU Binutils 2.29.1 no tiene protección contra desbordamientos de enteros en plataformas de 32 bits, lo que permite que atacantes remotos provoquen una denegación d... • http://www.securityfocus.com/bid/101941 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-16827 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-16827
15 Nov 2017 — The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (slurp_symtab invalid free and application crash) or possibly have unspecified other impact via a crafted ELF file. La función aout_get_external_symbols en aoutx.h en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29.1 permite que atacantes remotos p... • https://security.gentoo.org/glsa/201811-17 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-16829 – Gentoo Linux Security Advisory 201811-17
https://notcve.org/view.php?id=CVE-2017-16829
15 Nov 2017 — The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted ELF file. La función _bfd_elf_parse_gnu_properties en elf-properties.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se dist... • https://security.gentoo.org/glsa/201811-17 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-16828 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-16828
15 Nov 2017 — The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or possibly have unspecified other impact via a crafted ELF file, related to print_debug_frame. La función display_debug_frames en dwarf.c en GNU Binutils 2.29.1 permite que atacantes remotos provoquen una denegación de servicio (desbordamiento de enteros, sobrelectura de búfer basada en memoria dinámica o heap y ci... • https://security.gentoo.org/glsa/201811-17 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1000383
https://notcve.org/view.php?id=CVE-2017-1000383
31 Oct 2017 — GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file ("[ORIGINAL_FILENAME]~") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary. GNU Emacs en la versión 25.3.1 (y, muy probablemente, en otras versiones) ignora la máscara de usuario cuando se crea un archivo de guardado de copia de seguridad ("[ORIGINAL_FILENAME]~"), lo que da como resultado archivos que podrían ser legibles por c... • http://www.openwall.com/lists/oss-security/2017/10/31/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15996 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-15996
29 Oct 2017 — elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_index_and_symbols, and setup_archive functions. elfcomm.c en readelf en GNU Binutils 2.29 permite que atacantes remotos provoquen una denegación ... • http://www.securityfocus.com/bid/101608 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15939 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-15939
27 Oct 2017 — dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete fix for CVE-2017-15023. dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y ant... • http://www.securityfocus.com/bid/101613 • CWE-476: NULL Pointer Dereference •