Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
NameCVE-2018-20671First vendor Publication2019-01-04
VendorCveLast vendor Modification2019-01-14

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20671

CWE : Common Weakness Enumeration

%idName
100 %CWE-190Integer Overflow or Wraparound (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application10

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/106457
MISC https://sourceware.org/bugzilla/show_bug.cgi?id=24005
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c...

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2019-01-15 00:18:54
  • Multiple Updates
2019-01-07 17:15:48
  • Multiple Updates
2019-01-04 21:20:12
  • First insertion