Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-8502

Опубликовано: 28 окт. 2014
Источник: redhat
CVSS2: 2.6
EPSS Низкий

Описание

Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE file.

It was found that the fix for the CVE-2014-8485 issue was incomplete: a heap-based buffer overflow in the objdump utility could cause it to crash or, potentially, execute arbitrary code with the privileges of the user running objdump when processing specially crafted files.

Отчет

Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Developer Toolset 2.1devtoolset-2-binutilsWill not fix
Red Hat Enterprise Linux 5binutilsWill not fix
Red Hat Enterprise Linux 5binutils220Will not fix
Red Hat Enterprise Linux 6binutilsWill not fix
Red Hat Enterprise Linux 6mingw32-binutilsWill not fix
Red Hat Enterprise Linux 7binutilsFixedRHSA-2015:207919.11.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1162594binutils: heap overflow in objdump when parsing a crafted ELF/PE binary file (incomplete fix for CVE-2014-8485)

EPSS

Процентиль: 89%
0.04743
Низкий

2.6 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-8502

ubuntu
больше 10 лет назад

Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE file.

nvd логотип

CVE-2014-8502

nvd
больше 10 лет назад

Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE file.

debian логотип

CVE-2014-8502

debian
больше 10 лет назад

Heap-based buffer overflow in the pe_print_edata function in bfd/peXXi ...

github логотип

GHSA-chc4-43c9-qrj7

github
больше 3 лет назад

Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE file.

oracle-oval логотип

ELSA-2015-2079

oracle-oval
почти 10 лет назад

ELSA-2015-2079: binutils security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 89%
0.04743
Низкий

2.6 Low

CVSS2