CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-14228

In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function paste_tokens() in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.2%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

https://bugzilla.nasm.us/show_bug.cgi?id=3392423
https://security.gentoo.org/glsa/201903-19
https://usn.ubuntu.com/3694-1/
https://bugzilla.nasm.us/show_bug.cgi?id=3392423
https://security.gentoo.org/glsa/201903-19
https://usn.ubuntu.com/3694-1/

Products affected by CVE-2017-14228

Nasm » Netwide Assembler » Version: 2.14

cpe:2.3:a:nasm:netwide_assembler:2.14
Canonical » Ubuntu Linux » Version: 14.04

cpe:2.3:o:canonical:ubuntu_linux:14.04

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-14228

Products

Pricing

Contact Us