Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-1000667

Опубликовано: 06 сент. 2018
Источник: nvd
CVSS3: 5.5
CVSS2: 4.3
EPSS Низкий

Описание

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:nasm:netwide_assembler:*:*:*:*:*:*:*:*
Версия до 2.14.0 (включая)
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc1:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc10:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc11:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc12:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc13:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc14:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc15:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc2:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc3:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc4:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc5:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc6:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc7:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc8:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc9:*:*:*:*:*:*

EPSS

Процентиль: 43%
0.00206
Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2018-1000667

CVSS3: 5.5
ubuntu
больше 7 лет назад

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..

redhat логотип

CVE-2018-1000667

CVSS3: 2.5
redhat
больше 7 лет назад

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..

debian логотип

CVE-2018-1000667

CVSS3: 5.5
debian
больше 7 лет назад

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains ...

github логотип

GHSA-mx2f-ggfx-v955

CVSS3: 5.5
github
больше 3 лет назад

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..

suse-cvrf логотип

openSUSE-SU-2020:0954-1

suse-cvrf
больше 5 лет назад

Security update for nasm

EPSS

Процентиль: 43%
0.00206
Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-119