CVE-2005-1704

CWE-18911 documents8 sources
Severity
4.6MEDIUM
EPSS
0.2%
top 55.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU GDB
Timeline
PublishedMay 24
Latest updateMay 3

Description

Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

Debiangdb< 6.3-6+3
NVDgnu/gdb6.3

🔴Vulnerability Details

3
GHSA
GHSA-r87q-q7hx-24jg: Integer overflow in the Binary File Descriptor (BFD) library for gdb before 62022-05-03
OSV
CVE-2005-1704: Integer overflow in the Binary File Descriptor (BFD) library for gdb before 62005-05-24
CVEList
CVE-2005-1704: Integer overflow in the Binary File Descriptor (BFD) library for gdb before 62005-05-24

📋Vendor Advisories

4
Ubuntu
binutils vulnerability2005-05-27
Ubuntu
gdb vulnerabilities2005-05-27
Red Hat
security flaw2005-05-25
Debian
CVE-2005-1704: gdb - Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3,...2005

💬Community

3
Bugzilla
CVE-2005-1704 security flaw2018-08-16
Bugzilla
CVE-2005-1704 Integer overflow in libelf2005-06-09
Bugzilla
CVE-2005-1704 Integer overflow in libelf2005-06-08
CVE-2005-1704 (MEDIUM CVSS 4.6) | Integer overflow in the Binary File | cvebase.io