cbcvebase.
CVE-2004-1287
published 2005-01-10

CVE-2004-1287: Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different…

PriorityP345critical10CVSS 2.0
AVNACLAuNCCICAC
EXPLOIT
EPSS
17.88%
96.8th percentile
Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194.

Affected

17 ranges
VendorProductVersion rangeFixed in
debiannasm< nasm 0.98.38-1.1 (bookworm)nasm 0.98.38-1.1 (bookworm)
debiannasm< nasm 0.98.38-1.2 (bookworm)nasm 0.98.38-1.2 (bookworm)
nasmnasm>= 0 < 0.98.38-1.10.98.38-1.1
nasmnasm>= 0 < 0.98.38-1.20.98.38-1.2
nasmnasm>= 0 < 0.98.38-1.10.98.38-1.1
nasmnasm>= 0 < 0.98.38-1.20.98.38-1.2
nasmnasm>= 0 < 0.98.38-1.10.98.38-1.1
nasmnasm>= 0 < 0.98.38-1.20.98.38-1.2
nasmnasm>= 0 < 0.98.38-1.10.98.38-1.1
nasmnasm>= 0 < 0.98.38-1.20.98.38-1.2
nasmnetwide_assembler
redhatenterprise_linux
redhatenterprise_linux
redhatenterprise_linux
redhatenterprise_linux_desktop
redhatenterprise_linux_desktop
redhatlinux_advanced_workstation

CVSS provenance

nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL
vendor_debian10.0CRITICAL
vendor_redhat10.0CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.