[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250108

 
 

909

 
 

196064

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-2362Date: (C)2006-05-15   (M)2023-12-28


Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1018872
BID-17950
2006-0034
SECUNIA-20188
SECUNIA-20531
SECUNIA-20550
SECUNIA-22932
SECUNIA-27441
ADV-2006-1924
ADV-2007-3665
APPLE-SA-2007-10-30
SUSE-SR:2006:026
USN-292-1
http://www.mail-archive.com/bug-binutils%40gnu.org/msg01516.html
binutils-libbfd-bo(26644)
http://sourceware.org/bugzilla/show_bug.cgi?id=2584

CWE    1
CWE-787

© SecPod Technologies