Vulnerability Details CVE-2018-16517
asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 80.6%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html
- http://packetstormsecurity.com/files/152566/Netwide-Assembler-NASM-2.14rc15-Null-Pointer-Dereference.html
- https://bugzilla.nasm.us/show_bug.cgi?id=3392513
- https://fakhrizulkifli.github.io/CVE-2018-16517.html
- https://www.exploit-db.com/exploits/46726/
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html
- http://packetstormsecurity.com/files/152566/Netwide-Assembler-NASM-2.14rc15-Null-Pointer-Dereference.html
- https://bugzilla.nasm.us/show_bug.cgi?id=3392513
- https://fakhrizulkifli.github.io/CVE-2018-16517.html
- https://www.exploit-db.com/exploits/46726/
Products affected by CVE-2018-16517
-
cpe:2.3:a:nasm:netwide_assembler:-
-
cpe:2.3:a:nasm:netwide_assembler:0.9
-
cpe:2.3:a:nasm:netwide_assembler:0.90
-
cpe:2.3:a:nasm:netwide_assembler:0.91
-
cpe:2.3:a:nasm:netwide_assembler:0.92
-
cpe:2.3:a:nasm:netwide_assembler:0.93
-
cpe:2.3:a:nasm:netwide_assembler:0.94
-
cpe:2.3:a:nasm:netwide_assembler:0.95
-
cpe:2.3:a:nasm:netwide_assembler:0.96
-
cpe:2.3:a:nasm:netwide_assembler:0.97
-
cpe:2.3:a:nasm:netwide_assembler:0.98
-
cpe:2.3:a:nasm:netwide_assembler:0.98.03
-
cpe:2.3:a:nasm:netwide_assembler:0.98.06e
-
cpe:2.3:a:nasm:netwide_assembler:0.98.07
-
cpe:2.3:a:nasm:netwide_assembler:0.98.08
-
cpe:2.3:a:nasm:netwide_assembler:0.98.09
-
cpe:2.3:a:nasm:netwide_assembler:0.98.10
-
cpe:2.3:a:nasm:netwide_assembler:0.98.11
-
cpe:2.3:a:nasm:netwide_assembler:0.98.12
-
cpe:2.3:a:nasm:netwide_assembler:0.98.13
-
cpe:2.3:a:nasm:netwide_assembler:0.98.14
-
cpe:2.3:a:nasm:netwide_assembler:0.98.15
-
cpe:2.3:a:nasm:netwide_assembler:0.98.16
-
cpe:2.3:a:nasm:netwide_assembler:0.98.17
-
cpe:2.3:a:nasm:netwide_assembler:0.98.18
-
cpe:2.3:a:nasm:netwide_assembler:0.98.19
-
cpe:2.3:a:nasm:netwide_assembler:0.98.20
-
cpe:2.3:a:nasm:netwide_assembler:0.98.21
-
cpe:2.3:a:nasm:netwide_assembler:0.98.22
-
cpe:2.3:a:nasm:netwide_assembler:0.98.23
-
cpe:2.3:a:nasm:netwide_assembler:0.98.24
-
cpe:2.3:a:nasm:netwide_assembler:0.98.25
-
cpe:2.3:a:nasm:netwide_assembler:0.98.26
-
cpe:2.3:a:nasm:netwide_assembler:0.98.28
-
cpe:2.3:a:nasm:netwide_assembler:0.98.30
-
cpe:2.3:a:nasm:netwide_assembler:0.98.31
-
cpe:2.3:a:nasm:netwide_assembler:0.98.32
-
cpe:2.3:a:nasm:netwide_assembler:0.98.33
-
cpe:2.3:a:nasm:netwide_assembler:0.98.34
-
cpe:2.3:a:nasm:netwide_assembler:0.98.35
-
cpe:2.3:a:nasm:netwide_assembler:0.98.36
-
cpe:2.3:a:nasm:netwide_assembler:0.98.37
-
cpe:2.3:a:nasm:netwide_assembler:0.98.38
-
cpe:2.3:a:nasm:netwide_assembler:0.98.39
-
cpe:2.3:a:nasm:netwide_assembler:0.99.05
-
cpe:2.3:a:nasm:netwide_assembler:0.99.06
-
cpe:2.3:a:nasm:netwide_assembler:2.00
-
cpe:2.3:a:nasm:netwide_assembler:2.00.0
-
cpe:2.3:a:nasm:netwide_assembler:2.01
-
cpe:2.3:a:nasm:netwide_assembler:2.01.0
-
cpe:2.3:a:nasm:netwide_assembler:2.02
-
cpe:2.3:a:nasm:netwide_assembler:2.02.0
-
cpe:2.3:a:nasm:netwide_assembler:2.03
-
cpe:2.3:a:nasm:netwide_assembler:2.03.0
-
cpe:2.3:a:nasm:netwide_assembler:2.03.01
-
cpe:2.3:a:nasm:netwide_assembler:2.04
-
cpe:2.3:a:nasm:netwide_assembler:2.04.0
-
cpe:2.3:a:nasm:netwide_assembler:2.05
-
cpe:2.3:a:nasm:netwide_assembler:2.05.0
-
cpe:2.3:a:nasm:netwide_assembler:2.05.01
-
cpe:2.3:a:nasm:netwide_assembler:2.06
-
cpe:2.3:a:nasm:netwide_assembler:2.06.0
-
cpe:2.3:a:nasm:netwide_assembler:2.07
-
cpe:2.3:a:nasm:netwide_assembler:2.07.0
-
cpe:2.3:a:nasm:netwide_assembler:2.08
-
cpe:2.3:a:nasm:netwide_assembler:2.08.0
-
cpe:2.3:a:nasm:netwide_assembler:2.08.01
-
cpe:2.3:a:nasm:netwide_assembler:2.08.02
-
cpe:2.3:a:nasm:netwide_assembler:2.09
-
cpe:2.3:a:nasm:netwide_assembler:2.09.0
-
cpe:2.3:a:nasm:netwide_assembler:2.09.01
-
cpe:2.3:a:nasm:netwide_assembler:2.09.02
-
cpe:2.3:a:nasm:netwide_assembler:2.09.03
-
cpe:2.3:a:nasm:netwide_assembler:2.09.04
-
cpe:2.3:a:nasm:netwide_assembler:2.09.05
-
cpe:2.3:a:nasm:netwide_assembler:2.09.06
-
cpe:2.3:a:nasm:netwide_assembler:2.09.07
-
cpe:2.3:a:nasm:netwide_assembler:2.09.08
-
cpe:2.3:a:nasm:netwide_assembler:2.09.09
-
cpe:2.3:a:nasm:netwide_assembler:2.09.10
-
cpe:2.3:a:nasm:netwide_assembler:2.10
-
cpe:2.3:a:nasm:netwide_assembler:2.10.0
-
cpe:2.3:a:nasm:netwide_assembler:2.10.01
-
cpe:2.3:a:nasm:netwide_assembler:2.10.02
-
cpe:2.3:a:nasm:netwide_assembler:2.10.03
-
cpe:2.3:a:nasm:netwide_assembler:2.10.04
-
cpe:2.3:a:nasm:netwide_assembler:2.10.05
-
cpe:2.3:a:nasm:netwide_assembler:2.10.06
-
cpe:2.3:a:nasm:netwide_assembler:2.10.07
-
cpe:2.3:a:nasm:netwide_assembler:2.10.08
-
cpe:2.3:a:nasm:netwide_assembler:2.10.09
-
cpe:2.3:a:nasm:netwide_assembler:2.11
-
cpe:2.3:a:nasm:netwide_assembler:2.11.0
-
cpe:2.3:a:nasm:netwide_assembler:2.11.01
-
cpe:2.3:a:nasm:netwide_assembler:2.11.02
-
cpe:2.3:a:nasm:netwide_assembler:2.11.03
-
cpe:2.3:a:nasm:netwide_assembler:2.11.04
-
cpe:2.3:a:nasm:netwide_assembler:2.11.05
-
cpe:2.3:a:nasm:netwide_assembler:2.11.06
-
cpe:2.3:a:nasm:netwide_assembler:2.11.07
-
cpe:2.3:a:nasm:netwide_assembler:2.11.08
-
cpe:2.3:a:nasm:netwide_assembler:2.11.09
-
cpe:2.3:a:nasm:netwide_assembler:2.12
-
cpe:2.3:a:nasm:netwide_assembler:2.12.0
-
cpe:2.3:a:nasm:netwide_assembler:2.12.01
-
cpe:2.3:a:nasm:netwide_assembler:2.12.02
-
cpe:2.3:a:nasm:netwide_assembler:2.12.03
-
cpe:2.3:a:nasm:netwide_assembler:2.13
-
cpe:2.3:a:nasm:netwide_assembler:2.13.0
-
cpe:2.3:a:nasm:netwide_assembler:2.13.01
-
cpe:2.3:a:nasm:netwide_assembler:2.13.02
-
cpe:2.3:a:nasm:netwide_assembler:2.13.03
-
cpe:2.3:a:nasm:netwide_assembler:2.14
-
cpe:2.3:a:nasm:netwide_assembler:2.14.0