CVE-2017-7209
- EPSS 1.22%
- Veröffentlicht 21.03.2017 06:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash.
CVE-2017-7210
- EPSS 1.22%
- Veröffentlicht 21.03.2017 06:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash.
CVE-2017-6965
- EPSS 1.16%
- Veröffentlicht 17.03.2017 09:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow.
CVE-2017-6966
- EPSS 1.03%
- Veröffentlicht 17.03.2017 09:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invoca...
CVE-2017-6969
- EPSS 3.75%
- Veröffentlicht 17.03.2017 09:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.
- EPSS 5.21%
- Veröffentlicht 15.01.2015 15:59:14
- Zuletzt bearbeitet 06.05.2026 22:30:45
The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive.
CVE-2014-8737
- EPSS 1.04%
- Veröffentlicht 09.12.2014 23:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) ...
CVE-2014-8504
- EPSS 6.2%
- Veröffentlicht 09.12.2014 23:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.
CVE-2014-8503
- EPSS 6.2%
- Veröffentlicht 09.12.2014 23:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file.
CVE-2014-8502
- EPSS 4.91%
- Veröffentlicht 09.12.2014 23:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE ...