CVE-2006-2362

Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character.
Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*

History

22 Dec 2023, 17:15

Type Values Removed Values Added
CWE NVD-CWE-Other CWE-787
References () http://www.mail-archive.com/bug-binutils%40gnu.org/msg01516.html - () http://www.mail-archive.com/bug-binutils%40gnu.org/msg01516.html - Issue Tracking, Mailing List

07 Nov 2023, 01:58

Type Values Removed Values Added
References
  • {'url': 'http://www.mail-archive.com/bug-binutils@gnu.org/msg01516.html', 'name': '[bug-binutils] 20060418 [Bug binutils/2584] New: SIGSEGV in strings tool when the file is crafted.', 'tags': ['Exploit', 'Third Party Advisory'], 'refsource': 'MLIST'}
  • () http://www.mail-archive.com/bug-binutils%40gnu.org/msg01516.html -

Information

Published : 2006-05-15 16:06

Updated : 2024-02-28 10:42


NVD link : CVE-2006-2362

Mitre link : CVE-2006-2362

CVE.ORG link : CVE-2006-2362


JSON object : View

Products Affected

gnu

  • binutils
CWE
CWE-787

Out-of-bounds Write