mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
120 lines
4.5 KiB
JSON
120 lines
4.5 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2025-1180",
|
|
"ASSIGNER": "cna@vuldb.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the function _bfd_elf_write_section_eh_frame of the file bfd/elf-eh-frame.c of the component ld. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue."
|
|
},
|
|
{
|
|
"lang": "deu",
|
|
"value": "Es wurde eine Schwachstelle in GNU Binutils 2.43 entdeckt. Sie wurde als problematisch eingestuft. Dabei betrifft es die Funktion _bfd_elf_write_section_eh_frame der Datei bfd/elf-eh-frame.c der Komponente ld. Durch Manipulieren mit unbekannten Daten kann eine memory corruption-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig auszunutzen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Memory Corruption",
|
|
"cweId": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "GNU",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Binutils",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "2.43"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://vuldb.com/?id.295083",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?id.295083"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?ctiid.295083",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?ctiid.295083"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?submit.495381",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?submit.495381"
|
|
},
|
|
{
|
|
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32642",
|
|
"refsource": "MISC",
|
|
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=32642"
|
|
},
|
|
{
|
|
"url": "https://sourceware.org/bugzilla/attachment.cgi?id=15917",
|
|
"refsource": "MISC",
|
|
"name": "https://sourceware.org/bugzilla/attachment.cgi?id=15917"
|
|
},
|
|
{
|
|
"url": "https://www.gnu.org/",
|
|
"refsource": "MISC",
|
|
"name": "https://www.gnu.org/"
|
|
}
|
|
]
|
|
},
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "wenjusun (VulDB User)"
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"version": "3.1",
|
|
"baseScore": 3.1,
|
|
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
|
|
"baseSeverity": "LOW"
|
|
},
|
|
{
|
|
"version": "3.0",
|
|
"baseScore": 3.1,
|
|
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
|
|
"baseSeverity": "LOW"
|
|
},
|
|
{
|
|
"version": "2.0",
|
|
"baseScore": 2.6,
|
|
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P"
|
|
}
|
|
]
|
|
}
|
|
} |