admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2017/CVE-2017-171xx/CVE-2017-17124.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

130 lines
4.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2017-17124",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-12-04T08:29:00.577",
"lastModified": "2024-11-21T03:17:31.703",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted COFF binary."
},
{
"lang": "es",
"value": "La funci\u00f3n _bfd_coff_read_string_table en coffgen.c en la biblioteca Binary File Descriptor (BFD), tambi\u00e9n conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29.1 no valida correctamente el tama\u00f1o de la tabla de cadenas externas, lo que permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (consumo excesivo de memoria y cierre inesperado de la aplicaci\u00f3n) o, posiblemente, otro impacto sin especificar mediante un binario COFF manipulado."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"baseScore": 6.8,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnu:binutils:2.29.1:*:*:*:*:*:*:*",
"matchCriteriaId": "40A0A80E-11FE-4454-996C-9D4299602569"
}
]
}
]
}
],
"references": [
{
"url": "https://security.gentoo.org/glsa/201811-17",
"source": "cve@mitre.org"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22507",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=b0029dce6867de1a2828293177b0e030d2f0f03c",
"source": "cve@mitre.org"
},
{
"url": "https://security.gentoo.org/glsa/201811-17",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=22507",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=b0029dce6867de1a2828293177b0e030d2f0f03c",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink