Vulnerabilites related to GNU - gdb
cve-2017-9778
Vulnerability from cvelistv5
Published
2017-06-21 07:00
Modified
2024-08-05 17:18
Severity ?
EPSS score ?
Summary
GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB.
References
| ▼ | URL | Tags |
|---|---|---|
| https://sourceware.org/bugzilla/show_bug.cgi?id=21600 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/99244 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:18:02.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21600"
},
{
"name": "99244",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99244"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-26T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21600"
},
{
"name": "99244",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99244"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-9778",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=21600",
"refsource": "CONFIRM",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21600"
},
{
"name": "99244",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99244"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-9778",
"datePublished": "2017-06-21T07:00:00",
"dateReserved": "2017-06-21T00:00:00",
"dateUpdated": "2024-08-05T17:18:02.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-1704
Vulnerability from cvelistv5
Published
2005-05-24 04:00
Modified
2024-08-07 21:59
Severity ?
EPSS score ?
Summary
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:59:24.170Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13697",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13697"
},
{
"name": "17072",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17072"
},
{
"name": "21122",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21122"
},
{
"name": "2005-0025",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2005/0025/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf"
},
{
"name": "RHSA-2006:0368",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0368.html"
},
{
"name": "20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
},
{
"name": "18506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18506"
},
{
"name": "CLA-2006:1060",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001060"
},
{
"name": "RHSA-2005:709",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"name": "ADV-2007-1267",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1267"
},
{
"name": "21262",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21262"
},
{
"name": "RHSA-2005:673",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-673.html"
},
{
"name": "MDKSA-2005:215",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:215"
},
{
"name": "17001",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17001"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"name": "RHSA-2006:0354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0354.html"
},
{
"name": "RHSA-2005:801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"name": "RHSA-2005:763",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-763.html"
},
{
"name": "24788",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24788"
},
{
"name": "USN-136-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/136-1/"
},
{
"name": "GLSA-200505-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"name": "GLSA-200506-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200506-01.xml"
},
{
"name": "oval:org.mitre.oval:def:9071",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9071"
},
{
"name": "MDKSA-2005:095",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"name": "15527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15527"
},
{
"name": "17257",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17257"
},
{
"name": "17135",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17135"
},
{
"name": "17356",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17356"
},
{
"name": "1016544",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016544"
},
{
"name": "17718",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17718"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=91398"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/support/vi3/doc/esx-55052-patch.html"
},
{
"name": "16757",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/16757"
},
{
"name": "21717",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21717"
},
{
"name": "RHSA-2005:659",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-659.html"
},
{
"name": "20060703-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-05-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13697",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13697"
},
{
"name": "17072",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17072"
},
{
"name": "21122",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21122"
},
{
"name": "2005-0025",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2005/0025/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf"
},
{
"name": "RHSA-2006:0368",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0368.html"
},
{
"name": "20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
},
{
"name": "18506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18506"
},
{
"name": "CLA-2006:1060",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001060"
},
{
"name": "RHSA-2005:709",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"name": "ADV-2007-1267",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1267"
},
{
"name": "21262",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21262"
},
{
"name": "RHSA-2005:673",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-673.html"
},
{
"name": "MDKSA-2005:215",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:215"
},
{
"name": "17001",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17001"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"name": "RHSA-2006:0354",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0354.html"
},
{
"name": "RHSA-2005:801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"name": "RHSA-2005:763",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-763.html"
},
{
"name": "24788",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24788"
},
{
"name": "USN-136-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/136-1/"
},
{
"name": "GLSA-200505-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"name": "GLSA-200506-01",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200506-01.xml"
},
{
"name": "oval:org.mitre.oval:def:9071",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9071"
},
{
"name": "MDKSA-2005:095",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"name": "15527",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15527"
},
{
"name": "17257",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17257"
},
{
"name": "17135",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17135"
},
{
"name": "17356",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17356"
},
{
"name": "1016544",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016544"
},
{
"name": "17718",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17718"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=91398"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/support/vi3/doc/esx-55052-patch.html"
},
{
"name": "16757",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/16757"
},
{
"name": "21717",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21717"
},
{
"name": "RHSA-2005:659",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-659.html"
},
{
"name": "20060703-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1704",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13697",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13697"
},
{
"name": "17072",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17072"
},
{
"name": "21122",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21122"
},
{
"name": "2005-0025",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2005/0025/"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf"
},
{
"name": "RHSA-2006:0368",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0368.html"
},
{
"name": "20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
},
{
"name": "18506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18506"
},
{
"name": "CLA-2006:1060",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001060"
},
{
"name": "RHSA-2005:709",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"name": "ADV-2007-1267",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1267"
},
{
"name": "21262",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21262"
},
{
"name": "RHSA-2005:673",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-673.html"
},
{
"name": "MDKSA-2005:215",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:215"
},
{
"name": "17001",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17001"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"name": "RHSA-2006:0354",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0354.html"
},
{
"name": "RHSA-2005:801",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"name": "RHSA-2005:763",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-763.html"
},
{
"name": "24788",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24788"
},
{
"name": "USN-136-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/136-1/"
},
{
"name": "GLSA-200505-15",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"name": "GLSA-200506-01",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200506-01.xml"
},
{
"name": "oval:org.mitre.oval:def:9071",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9071"
},
{
"name": "MDKSA-2005:095",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"name": "15527",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15527"
},
{
"name": "17257",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17257"
},
{
"name": "17135",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17135"
},
{
"name": "17356",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17356"
},
{
"name": "1016544",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016544"
},
{
"name": "17718",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17718"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=91398",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=91398"
},
{
"name": "http://www.vmware.com/support/vi3/doc/esx-55052-patch.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/support/vi3/doc/esx-55052-patch.html"
},
{
"name": "16757",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/16757"
},
{
"name": "21717",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21717"
},
{
"name": "RHSA-2005:659",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-659.html"
},
{
"name": "20060703-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1704",
"datePublished": "2005-05-24T04:00:00",
"dateReserved": "2005-05-24T00:00:00",
"dateUpdated": "2024-08-07T21:59:24.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-39129
Vulnerability from cvelistv5
Published
2023-07-25 00:00
Modified
2024-10-24 14:10
Severity ?
EPSS score ?
Summary
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:05.225Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30640"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:gnu:gdb:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gdb",
"vendor": "gnu",
"versions": [
{
"status": "affected",
"version": "13.0.50.20220805-git"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39129",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T14:08:58.714252Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-24T14:10:49.318Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-25T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30640"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-39129",
"datePublished": "2023-07-25T00:00:00",
"dateReserved": "2023-07-25T00:00:00",
"dateUpdated": "2024-10-24T14:10:49.318Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-39130
Vulnerability from cvelistv5
Published
2023-07-25 00:00
Modified
2024-10-24 14:11
Severity ?
EPSS score ?
Summary
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.647Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30641"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:gnu:gdb:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gdb",
"vendor": "gnu",
"versions": [
{
"status": "affected",
"version": "13.0.50.20220805-git"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39130",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T14:08:38.678394Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-24T14:11:30.406Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-25T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30641"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-39130",
"datePublished": "2023-07-25T00:00:00",
"dateReserved": "2023-07-25T00:00:00",
"dateUpdated": "2024-10-24T14:11:30.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4146
Vulnerability from cvelistv5
Published
2006-08-31 22:00
Modified
2024-08-07 18:57
Severity ?
EPSS score ?
Summary
Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:57:46.146Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "ADV-2006-4283",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4283"
},
{
"name": "25098",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25098"
},
{
"name": "GLSA-200711-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "25894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25894"
},
{
"name": "RHSA-2007:0469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0469.html"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "APPLE-SA-2006-10-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.html"
},
{
"name": "28318",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28318"
},
{
"name": "1017138",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017138"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm"
},
{
"name": "oval:org.mitre.oval:def:10463",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463"
},
{
"name": "RHSA-2007:0229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0229.html"
},
{
"name": "22662",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22662"
},
{
"name": "25632",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25632"
},
{
"name": "25934",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25934"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=304669"
},
{
"name": "ADV-2006-3433",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3433"
},
{
"name": "26909",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26909"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27706"
},
{
"name": "21713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21713"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841"
},
{
"name": "22205",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22205"
},
{
"name": "19802",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19802"
},
{
"name": "20070602-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
},
{
"name": "USN-356-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-356-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "ADV-2006-4283",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4283"
},
{
"name": "25098",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25098"
},
{
"name": "GLSA-200711-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "25894",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25894"
},
{
"name": "RHSA-2007:0469",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0469.html"
},
{
"name": "ADV-2007-3229",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "APPLE-SA-2006-10-31",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.html"
},
{
"name": "28318",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28318"
},
{
"name": "1017138",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017138"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm"
},
{
"name": "oval:org.mitre.oval:def:10463",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463"
},
{
"name": "RHSA-2007:0229",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2007-0229.html"
},
{
"name": "22662",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22662"
},
{
"name": "25632",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25632"
},
{
"name": "25934",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25934"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=304669"
},
{
"name": "ADV-2006-3433",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3433"
},
{
"name": "26909",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26909"
},
{
"name": "27706",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27706"
},
{
"name": "21713",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21713"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841"
},
{
"name": "22205",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22205"
},
{
"name": "19802",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19802"
},
{
"name": "20070602-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
},
{
"name": "USN-356-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-356-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"name": "ADV-2006-4283",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4283"
},
{
"name": "25098",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25098"
},
{
"name": "GLSA-200711-23",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"name": "25894",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25894"
},
{
"name": "RHSA-2007:0469",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0469.html"
},
{
"name": "ADV-2007-3229",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"name": "APPLE-SA-2006-10-31",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.html"
},
{
"name": "28318",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28318"
},
{
"name": "1017138",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017138"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm"
},
{
"name": "oval:org.mitre.oval:def:10463",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463"
},
{
"name": "RHSA-2007:0229",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0229.html"
},
{
"name": "22662",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22662"
},
{
"name": "25632",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25632"
},
{
"name": "25934",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25934"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=304669",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=304669"
},
{
"name": "ADV-2006-3433",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3433"
},
{
"name": "26909",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26909"
},
{
"name": "27706",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27706"
},
{
"name": "21713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21713"
},
{
"name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841"
},
{
"name": "22205",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22205"
},
{
"name": "19802",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19802"
},
{
"name": "20070602-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
},
{
"name": "USN-356-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-356-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4146",
"datePublished": "2006-08-31T22:00:00",
"dateReserved": "2006-08-15T00:00:00",
"dateUpdated": "2024-08-07T18:57:46.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-39128
Vulnerability from cvelistv5
Published
2023-07-25 00:00
Modified
2024-10-24 14:12
Severity ?
EPSS score ?
Summary
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:05.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30639"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:gnu:gdb:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gdb",
"vendor": "gnu",
"versions": [
{
"status": "affected",
"version": "13.0.50.20220805-git"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-39128",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T14:06:23.576735Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-24T14:12:09.968Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-25T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30639"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-39128",
"datePublished": "2023-07-25T00:00:00",
"dateReserved": "2023-07-25T00:00:00",
"dateUpdated": "2024-10-24T14:12:09.968Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1010180
Vulnerability from cvelistv5
Published
2019-07-24 12:01
Modified
2024-08-05 03:07
Severity ?
EPSS score ?
Summary
GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.
References
| ▼ | URL | Tags |
|---|---|---|
| https://sourceware.org/bugzilla/show_bug.cgi?id=23657 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/109367 | vdb-entry, x_refsource_BID | |
| http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.html | vendor-advisory, x_refsource_SUSE | |
| http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.html | vendor-advisory, x_refsource_SUSE | |
| https://security.gentoo.org/glsa/202003-31 | vendor-advisory, x_refsource_GENTOO |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:07:18.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23657"
},
{
"name": "109367",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/109367"
},
{
"name": "openSUSE-SU-2019:2415",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html"
},
{
"name": "openSUSE-SU-2019:2432",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html"
},
{
"name": "openSUSE-SU-2019:2493",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.html"
},
{
"name": "openSUSE-SU-2019:2494",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.html"
},
{
"name": "GLSA-202003-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202003-31"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "gdb",
"vendor": "GNU",
"versions": [
{
"status": "affected",
"version": "All versions (At least as of date 2018-09-16)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Overflow - Out of bound memory access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-15T20:05:59",
"orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"shortName": "dwf"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23657"
},
{
"name": "109367",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/109367"
},
{
"name": "openSUSE-SU-2019:2415",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html"
},
{
"name": "openSUSE-SU-2019:2432",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html"
},
{
"name": "openSUSE-SU-2019:2493",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.html"
},
{
"name": "openSUSE-SU-2019:2494",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.html"
},
{
"name": "GLSA-202003-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202003-31"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010180",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "gdb",
"version": {
"version_data": [
{
"version_value": "All versions (At least as of date 2018-09-16)"
}
]
}
}
]
},
"vendor_name": "GNU"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow - Out of bound memory access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=23657",
"refsource": "MISC",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23657"
},
{
"name": "109367",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/109367"
},
{
"name": "openSUSE-SU-2019:2415",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html"
},
{
"name": "openSUSE-SU-2019:2432",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html"
},
{
"name": "openSUSE-SU-2019:2493",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.html"
},
{
"name": "openSUSE-SU-2019:2494",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.html"
},
{
"name": "GLSA-202003-31",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202003-31"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"assignerShortName": "dwf",
"cveId": "CVE-2019-1010180",
"datePublished": "2019-07-24T12:01:08",
"dateReserved": "2019-03-20T00:00:00",
"dateUpdated": "2024-08-05T03:07:18.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-4355
Vulnerability from cvelistv5
Published
2013-03-04 21:00
Modified
2024-08-07 00:09
Severity ?
EPSS score ?
Summary
GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts.
References
| ▼ | URL | Tags |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2013-0522.html | vendor-advisory, x_refsource_REDHAT | |
| http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html | mailing-list, x_refsource_MLIST | |
| http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html | mailing-list, x_refsource_MLIST | |
| http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup&cvsroot=src | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1028191 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:18.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:0522",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0522.html"
},
{
"name": "[gdb-patches] 20110429 Re: [RFA] Add $pdir as entry for libthread-db-search-path.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html"
},
{
"name": "[gdb-patches] 20110506 Re: [RFA] Add $pdir as entry for libthread-db-search-path.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup\u0026cvsroot=src"
},
{
"name": "1028191",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028191"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-04T21:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2013:0522",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0522.html"
},
{
"name": "[gdb-patches] 20110429 Re: [RFA] Add $pdir as entry for libthread-db-search-path.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html"
},
{
"name": "[gdb-patches] 20110506 Re: [RFA] Add $pdir as entry for libthread-db-search-path.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup\u0026cvsroot=src"
},
{
"name": "1028191",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028191"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4355",
"datePublished": "2013-03-04T21:00:00Z",
"dateReserved": "2011-11-04T00:00:00Z",
"dateUpdated": "2024-08-07T00:09:18.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-1705
Vulnerability from cvelistv5
Published
2005-05-24 04:00
Modified
2024-08-07 21:59
Severity ?
EPSS score ?
Summary
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/17072 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/18506 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.redhat.com/support/errata/RHSA-2005-709.html | vendor-advisory, x_refsource_REDHAT | |
| http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm | x_refsource_CONFIRM | |
| http://www.redhat.com/support/errata/RHSA-2005-801.html | vendor-advisory, x_refsource_REDHAT | |
| http://bugs.gentoo.org/show_bug.cgi?id=88398 | x_refsource_CONFIRM | |
| http://security.gentoo.org/glsa/glsa-200505-15.xml | vendor-advisory, x_refsource_GENTOO | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2005:095 | vendor-advisory, x_refsource_MANDRAKE | |
| http://secunia.com/advisories/17356 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:59:24.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17072",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17072"
},
{
"name": "18506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18506"
},
{
"name": "RHSA-2005:709",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"name": "RHSA-2005:801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
},
{
"name": "GLSA-200505-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"name": "oval:org.mitre.oval:def:11072",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
},
{
"name": "MDKSA-2005:095",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"name": "17356",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17356"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-05-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17072",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17072"
},
{
"name": "18506",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18506"
},
{
"name": "RHSA-2005:709",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"name": "RHSA-2005:801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
},
{
"name": "GLSA-200505-15",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"name": "oval:org.mitre.oval:def:11072",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
},
{
"name": "MDKSA-2005:095",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"name": "17356",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17356"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1705",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17072",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17072"
},
{
"name": "18506",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18506"
},
{
"name": "RHSA-2005:709",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"name": "RHSA-2005:801",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=88398",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
},
{
"name": "GLSA-200505-15",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"name": "oval:org.mitre.oval:def:11072",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
},
{
"name": "MDKSA-2005:095",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"name": "17356",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17356"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1705",
"datePublished": "2005-05-24T04:00:00",
"dateReserved": "2005-05-24T00:00:00",
"dateUpdated": "2024-08-07T21:59:24.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2023-07-25 19:15
Modified
2024-11-21 08:14
Severity ?
Summary
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=30640 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=30640 | Issue Tracking, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:gdb:13.0.50.20220805-git:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA8637C-7AB1-444C-89BB-DC9E196701A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c."
}
],
"id": "CVE-2023-39129",
"lastModified": "2024-11-21T08:14:46.427",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-25T19:15:11.800",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30640"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-24 04:00
Modified
2024-11-20 23:57
Severity ?
Summary
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:gdb:*:r2:*:*:*:*:*:*",
"matchCriteriaId": "54381A01-33D2-4B69-9E03-162E37081E06",
"versionEndIncluding": "6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow."
}
],
"id": "CVE-2005-1704",
"lastModified": "2024-11-20T23:57:56.427",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
},
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=91398"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001060"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/15527"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17001"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17072"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17135"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17257"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17356"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17718"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18506"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21122"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21262"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21717"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24788"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016544"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200506-01.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:215"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/16757"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-659.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-673.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-763.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0354.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0368.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/13697"
},
{
"source": "cve@mitre.org",
"url": "http://www.trustix.org/errata/2005/0025/"
},
{
"source": "cve@mitre.org",
"url": "http://www.vmware.com/support/vi3/doc/esx-55052-patch.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1267"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9071"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/136-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=91398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/15527"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17718"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21122"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21262"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200506-01.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:215"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/16757"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-659.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-673.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-763.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0354.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0368.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/13697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.trustix.org/errata/2005/0025/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vmware.com/support/vi3/doc/esx-55052-patch.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/136-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-07-24 13:15
Modified
2024-11-21 04:18
Severity ?
Summary
GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:gdb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2855B0DE-972E-4536-9D6E-3C57C4253177",
"versionEndExcluding": "9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet."
},
{
"lang": "es",
"value": "GNU gdb Todas las versiones se ven afectadas por: Desbordamiento de b\u00fafer - Acceso a memoria fuera de enlace. El impacto es: Denegaci\u00f3n de servicio, Divulgaci\u00f3n de memoria y Posible ejecuci\u00f3n de c\u00f3digo. El componente es: El m\u00f3dulo principal de gdb. El vector de ataque es: Abra un ELF para la depuraci\u00f3n. La versi\u00f3n arregladas es: A\u00fan no est\u00e1 arreglada."
}
],
"id": "CVE-2019-1010180",
"lastModified": "2024-11-21T04:18:01.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-24T13:15:10.997",
"references": [
{
"source": "josh@bress.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html"
},
{
"source": "josh@bress.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html"
},
{
"source": "josh@bress.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.html"
},
{
"source": "josh@bress.net",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.html"
},
{
"source": "josh@bress.net",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/109367"
},
{
"source": "josh@bress.net",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-31"
},
{
"source": "josh@bress.net",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23657"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/109367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/202003-31"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23657"
}
],
"sourceIdentifier": "josh@bress.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-08-31 22:04
Modified
2024-11-21 00:15
Severity ?
Summary
Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:gdb:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF78BF4-DAE9-4BA2-8146-0DAABEBFB9B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el c\u00f3digo de depuraci\u00f3n (1) DWARF (dwarfread.c) y (2) DWARF2 (dwarf2read.c) en GNU Debugger (GDB) 6.5 permite a atacantes con la intervenci\u00f3n del usuario, o a usuarios restringidos, ejecutar c\u00f3digo de su elecci\u00f3n mediante un archivo creado artesanalmente con un bloque de posici\u00f3n (DW_FORM_block) que contenga un gran n\u00famero de operaciones."
}
],
"id": "CVE-2006-4146",
"lastModified": "2024-11-21T00:15:16.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-08-31T22:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
},
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=304669"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21713"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22205"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22662"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25098"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25632"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25894"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25934"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26909"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017138"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/28318"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0229.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0469.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/19802"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-356-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/3433"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4283"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=304669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/28318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0229.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2007-0469.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/19802"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-356-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/3433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Updates to address this issue are available for Red Hat Enterprise Linux 3 and 4:\nhttps://rhn.redhat.com/cve/CVE-2006-4146.html\n\nRed Hat Enterprise Linux 5 was not vulnerable to this issue as it contained a backported patch.",
"lastModified": "2009-06-01T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-25 19:15
Modified
2024-11-21 08:14
Severity ?
Summary
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=30639 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=30639 | Exploit, Issue Tracking, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:gdb:13.0.50.20220805-git:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA8637C-7AB1-444C-89BB-DC9E196701A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c."
}
],
"id": "CVE-2023-39128",
"lastModified": "2024-11-21T08:14:46.273",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-25T19:15:11.740",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30639"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-07-25 19:15
Modified
2024-11-21 08:14
Severity ?
Summary
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=30641 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=30641 | Issue Tracking, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:gdb:13.0.50.20220805-git:*:*:*:*:*:*:*",
"matchCriteriaId": "6BA8637C-7AB1-444C-89BB-DC9E196701A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c."
}
],
"id": "CVE-2023-39130",
"lastModified": "2024-11-21T08:14:46.580",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-25T19:15:11.857",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30641"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-24 04:00
Modified
2024-11-20 23:57
Severity ?
Summary
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:gdb:*:r2:*:*:*:*:*:*",
"matchCriteriaId": "54381A01-33D2-4B69-9E03-162E37081E06",
"versionEndIncluding": "6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb."
}
],
"id": "CVE-2005-1705",
"lastModified": "2024-11-20T23:57:56.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17072"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17356"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18506"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
"lastModified": "2007-03-14T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-21 07:29
Modified
2024-11-21 03:36
Severity ?
Summary
GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/99244 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://sourceware.org/bugzilla/show_bug.cgi?id=21600 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99244 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sourceware.org/bugzilla/show_bug.cgi?id=21600 | Issue Tracking, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:gdb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1292783-2ED5-493B-9172-73DE7BD07FBB",
"versionEndIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB."
},
{
"lang": "es",
"value": "GNU Debugger (GDB) en versiones 8.0 y anteriores no detecta un campo de longitud negativa en una secci\u00f3n DWARF. Una secci\u00f3n mal formada en un binario ELF o un archivo core puede hacer que GDB asigne memoria repetidamente hasta que se alcance el l\u00edmite de un proceso. Esto puede, por ejemplo, evitar que se analice malware con GDB."
}
],
"id": "CVE-2017-9778",
"lastModified": "2024-11-21T03:36:49.467",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-21T07:29:00.367",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99244"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21600"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-03-05 21:38
Modified
2024-11-21 01:32
Severity ?
Summary
GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | gdb | * | |
| gnu | gdb | 4.18 | |
| gnu | gdb | 5.0 | |
| gnu | gdb | 5.0.92 | |
| gnu | gdb | 5.0.93 | |
| gnu | gdb | 5.1 | |
| gnu | gdb | 5.1.1 | |
| gnu | gdb | 5.2 | |
| gnu | gdb | 5.2.1 | |
| gnu | gdb | 5.3 | |
| gnu | gdb | 6.0 | |
| gnu | gdb | 6.1 | |
| gnu | gdb | 6.1.1 | |
| gnu | gdb | 6.2 | |
| gnu | gdb | 6.2.1 | |
| gnu | gdb | 6.3 | |
| gnu | gdb | 6.4 | |
| gnu | gdb | 6.5 | |
| gnu | gdb | 6.6 | |
| gnu | gdb | 6.7 | |
| gnu | gdb | 6.7.1 | |
| gnu | gdb | 6.8 | |
| gnu | gdb | 7.0 | |
| gnu | gdb | 7.0.1 | |
| gnu | gdb | 7.1 | |
| gnu | gdb | 7.2 | |
| gnu | gdb | 7.3 | |
| gnu | gdb | 7.3.1 | |
| gnu | gdb | 7.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:gdb:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00292181-9124-4455-8D89-4DA98B18D55F",
"versionEndIncluding": "7.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:4.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1DFDC526-7E5F-4A20-8E57-B66F1D38DE05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16D34C25-D05C-451C-88E2-24F81FCAC422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:5.0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "E446F5DE-2CE0-4BCB-90E2-7784C1B7FF87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:5.0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "5AA539B4-EECD-4ACA-A6A0-CC2F227327F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFDA6059-74D7-42F8-9050-4FE799BC5493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1FF5DD-EA08-42BE-B15F-77471A789E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "79450E0C-9A5E-4B7B-A3C0-62EB53F88402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9B398336-87F4-4230-AECF-B171F1D35B55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0EC829F2-A2EA-4D9F-9C1C-CA601A6B913C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "476AE5E9-497C-487F-BF1B-D6A71E768E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6EFF01B6-4DBE-4E1E-A3DD-761D255B6457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "96463304-7618-4DC4-BC7F-20C8BB867115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D90AB7BE-2537-4E43-B156-BDCD637A7CFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A3D4325-5DCA-4C46-974E-888028ABCC64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BECA9331-7A36-42A0-AEE9-E7C2E8180AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B5C0145F-191A-483A-A3F0-6E6935F04B32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3AF78BF4-DAE9-4BA2-8146-0DAABEBFB9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "62785B32-8CEA-45D1-88B8-F43C55B9FE00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "63EB885C-5FAE-4F70-90EC-5851EEDADB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:6.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B764BB01-D369-4380-AAF3-10CDD25CE28D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C56500AB-7F96-4708-8C17-11CDF97770D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D9CAAB-5BFD-4E2B-88A0-3101E7A9696A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8E9E8E80-C8E7-41B7-94B0-EE4D7926193B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB6DB5FA-DD3D-4C0D-BA11-EF7DF9E18702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3E10B8AA-22C9-48AC-89F6-A68ADB51F956",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "80C4BFA4-642F-48FB-8EA1-533C3A2F5322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DD613C2F-98F9-4C0D-98E8-B04E0437B248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:gdb:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FA3AB084-7C89-44CA-9B56-BA061430DF3E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts."
},
{
"lang": "es",
"value": "GNU Project Debugger (GDB) anterior a v7.5, cuando se define .debug_gdb_scripts, carga autom\u00e1ticamente ciertos archivos en el directorio de trabajo actual, permitiendo a usuarios locales obtener privilegios a trav\u00e9s de ficheros elaborados, tales como scripts en Python."
}
],
"id": "CVE-2011-4355",
"lastModified": "2024-11-21T01:32:18.020",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-03-05T21:38:53.887",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0522.html"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup\u0026cvsroot=src"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id/1028191"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0522.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup\u0026cvsroot=src"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1028191"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}