CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-17125

nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.4%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

https://security.gentoo.org/glsa/201811-17
https://sourceware.org/bugzilla/show_bug.cgi?id=22443
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=160b1a618ad94988410dc81fce9189fcda5b7ff4
https://security.gentoo.org/glsa/201811-17
https://sourceware.org/bugzilla/show_bug.cgi?id=22443
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=160b1a618ad94988410dc81fce9189fcda5b7ff4

Products affected by CVE-2017-17125

Gnu » Binutils » Version: 2.29.1

cpe:2.3:a:gnu:binutils:2.29.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-17125

Products

Pricing

Contact Us