CVE-2017-13757 in binutilsinfo

Summary

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to elf_i386_get_synthetic_symtab in elf32-i386.c and elf_x86_64_get_synthetic_symtab in elf64-x86-64.c.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

08/29/2017

Disclosure

08/29/2017

Moderation

VulDB entry created

Entries

1: VDB-105950

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

6.4

EPSS

0.00452

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-13757
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-13757
CVE Details	https://www.cvedetails.com/cve/CVE-2017-13757/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!