Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-1000667

Опубликовано: 06 сент. 2018
Источник: debian
EPSS Низкий

Описание

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..

Пакеты

ПакетСтатусВерсия исправленияРелизТип
nasmfixed2.14-1package

Примечания

  • https://bugzilla.nasm.us/show_bug.cgi?id=3392507

  • https://github.com/netwide-assembler/nasm/commit/c713b5f994cf7b29164c3b6838b91f0499591434

  • https://github.com/cyrillos/nasm/issues/3

  • Crash in CLI tool, no security impact

EPSS

Процентиль: 43%
0.00206
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2018-1000667

CVSS3: 5.5
ubuntu
больше 7 лет назад

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..

redhat логотип

CVE-2018-1000667

CVSS3: 2.5
redhat
больше 7 лет назад

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..

nvd логотип

CVE-2018-1000667

CVSS3: 5.5
nvd
больше 7 лет назад

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..

github логотип

GHSA-mx2f-ggfx-v955

CVSS3: 5.5
github
больше 3 лет назад

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..

suse-cvrf логотип

openSUSE-SU-2020:0954-1

suse-cvrf
больше 5 лет назад

Security update for nasm

EPSS

Процентиль: 43%
0.00206
Низкий