Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-8504

Опубликовано: 27 окт. 2014
Источник: redhat
CVSS2: 1.2
EPSS Низкий

Описание

Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.

A stack-based buffer overflow flaw was found in the SREC parser of the libbfd library. A specially crafted file could cause an application using the libbfd library to crash or, potentially, execute arbitrary code with the privileges of the user running that application.

Отчет

Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Developer Toolset 2.1devtoolset-2-binutilsWill not fix
Red Hat Enterprise Linux 5binutilsWill not fix
Red Hat Enterprise Linux 5binutils220Will not fix
Red Hat Enterprise Linux 6binutilsWill not fix
Red Hat Enterprise Linux 6mingw32-binutilsWill not fix
Red Hat Enterprise Linux 7binutilsFixedRHSA-2015:207919.11.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-121
https://bugzilla.redhat.com/show_bug.cgi?id=1162621binutils: stack overflow in the SREC parser

EPSS

Процентиль: 87%
0.03302
Низкий

1.2 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-8504

ubuntu
больше 10 лет назад

Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.

nvd логотип

CVE-2014-8504

nvd
больше 10 лет назад

Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.

debian логотип

CVE-2014-8504

debian
больше 10 лет назад

Stack-based buffer overflow in the srec_scan function in bfd/srec.c in ...

github логотип

GHSA-mc28-wwxw-q97x

github
больше 3 лет назад

Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.

oracle-oval логотип

ELSA-2015-2079

oracle-oval
почти 10 лет назад

ELSA-2015-2079: binutils security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 87%
0.03302
Низкий

1.2 Low

CVSS2