
Debian Binutils vulnerabilities

285 known vulnerabilities affecting debian/binutils.

Total CVEs: 285
CISA KEV: 0
Public exploits: 12
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 40, MEDIUM 23, LOW 219

Vulnerabilities

Page 15 of 15
CVE-2008-2310 | LOW | CVSS 6.8 | fixed in binutils 2.18.1~cvs20080103-1 (bookworm) | 2008
CVE-2008-2310 [MEDIUM] binutils - Format string vulnerability in c++filt in Apple Mac OS X 10.5 before 10.5.4 allows user-assisted attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string in (1) C++ or (2) Java source code.
Scope: local
bookworm: resolved (fixed in 2.18.1~cvs20080103-1); bullseye: resolved (fixed in 2.18.1~cvs20080103-1); forky: resolv
debian
CVE-2006-0646 | LOW | CVSS 4.4 | 2006
CVE-2006-0646 [MEDIUM] binutils - ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other users by running an ld-linked application from the current directory, which could contain an attacker-controlled library file.
Scope: local
bookworm: resolved; bullseye
debian
CVE-2006-2362 | LOW | CVSS 7.3 | PoC | fixed in binutils 2.17-1 (bookworm) | 2006
CVE-2006-2362 [HIGH] binutils - Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal
debian
CVE-2005-4807 | LOW | CVSS 7.5 | PoC | fixed in binutils 2.17-1 (bookworm) | 2005
CVE-2005-4807 [HIGH] binutils - Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code.
Scope: local
bookworm: resolved (fixed in 2.17-1); bullseye: resolved (fixed in 2.17-1); forky: resolved (fixed in 2.17-1); sid:
debian
CVE-2005-4808 | LOW | CVSS 7.6 | fixed in binutils 2.17-1 (bookworm) | 2005
CVE-2005-4808 [HIGH] binutils - Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file.
Scope: local
bookworm: resolved (fixed in 2.17-1); bullseye: resolved (fixed in 2.17-1); forky: resolved (fixed in 2.17-1); sid: resolved (fixed in 2.17-1)
debian