All the vulnerabilites related to GNU - gdb
cve-2006-4146
Vulnerability from cvelistv5
Published
2006-08-31 22:00
Modified
2024-08-07 18:57
Severity ?
EPSS score ?
Summary
Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T18:57:46.146Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "tags": [ "mailing-list", "x_refsource_FULLDISC", "x_transferred" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html" }, { "name": "ADV-2006-4283", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/4283" }, { "name": "25098", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25098" }, { "name": "GLSA-200711-23", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml" }, { "name": "25894", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25894" }, { "name": "RHSA-2007:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0469.html" }, { "name": "ADV-2007-3229", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/3229" }, { "name": "APPLE-SA-2006-10-31", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.html" }, { "name": "28318", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/28318" }, { "name": "1017138", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1017138" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm" }, { "name": "oval:org.mitre.oval:def:10463", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463" }, { "name": "RHSA-2007:0229", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0229.html" }, { "name": "22662", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22662" }, { "name": "25632", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25632" }, { "name": "25934", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25934" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://docs.info.apple.com/article.html?artnum=304669" }, { "name": "ADV-2006-3433", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2006/3433" }, { "name": "26909", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26909" }, { "name": "27706", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27706" }, { "name": "21713", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21713" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841" }, { "name": "22205", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/22205" }, { "name": "19802", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/19802" }, { "name": "20070602-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc" }, { "name": "USN-356-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-356-1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2006-08-31T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "tags": [ "mailing-list", "x_refsource_FULLDISC" ], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html" }, { "name": "ADV-2006-4283", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/4283" }, { "name": "25098", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25098" }, { "name": "GLSA-200711-23", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml" }, { "name": "25894", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25894" }, { "name": "RHSA-2007:0469", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0469.html" }, { "name": "ADV-2007-3229", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/3229" }, { "name": "APPLE-SA-2006-10-31", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.html" }, { "name": "28318", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/28318" }, { "name": "1017138", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1017138" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm" }, { "name": "oval:org.mitre.oval:def:10463", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463" }, { "name": "RHSA-2007:0229", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2007-0229.html" }, { "name": "22662", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22662" }, { "name": "25632", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25632" }, { "name": "25934", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25934" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://docs.info.apple.com/article.html?artnum=304669" }, { "name": "ADV-2006-3433", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2006/3433" }, { "name": "26909", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26909" }, { "name": "27706", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27706" }, { "name": "21713", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21713" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841" }, { "name": "22205", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/22205" }, { "name": "19802", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/19802" }, { "name": "20070602-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc" }, { "name": "USN-356-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-356-1" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4146", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html" }, { "name": "ADV-2006-4283", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4283" }, { "name": "25098", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25098" }, { "name": "GLSA-200711-23", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml" }, { "name": "25894", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25894" }, { "name": "RHSA-2007:0469", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0469.html" }, { "name": "ADV-2007-3229", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/3229" }, { "name": "APPLE-SA-2006-10-31", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.html" }, { "name": "28318", "refsource": "OSVDB", "url": "http://www.osvdb.org/28318" }, { "name": "1017138", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017138" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm" }, { "name": "oval:org.mitre.oval:def:10463", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463" }, { "name": "RHSA-2007:0229", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0229.html" }, { "name": "22662", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22662" }, { "name": "25632", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25632" }, { "name": "25934", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25934" }, { "name": "http://docs.info.apple.com/article.html?artnum=304669", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=304669" }, { "name": "ADV-2006-3433", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3433" }, { "name": "26909", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26909" }, { "name": "27706", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27706" }, { "name": "21713", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21713" }, { "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841" }, { "name": "22205", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22205" }, { "name": "19802", "refsource": "BID", "url": "http://www.securityfocus.com/bid/19802" }, { "name": "20070602-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc" }, { "name": "USN-356-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-356-1" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4146", "datePublished": "2006-08-31T22:00:00", "dateReserved": "2006-08-15T00:00:00", "dateUpdated": "2024-08-07T18:57:46.146Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39130
Vulnerability from cvelistv5
Published
2023-07-25 00:00
Modified
2024-10-24 14:11
Severity ?
EPSS score ?
Summary
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:02:06.647Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30641" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:gnu:gdb:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gdb", "vendor": "gnu", "versions": [ { "status": "affected", "version": "13.0.50.20220805-git" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-39130", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-24T14:08:38.678394Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-24T14:11:30.406Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-25T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30641" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-39130", "datePublished": "2023-07-25T00:00:00", "dateReserved": "2023-07-25T00:00:00", "dateUpdated": "2024-10-24T14:11:30.406Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2005-1705
Vulnerability from cvelistv5
Published
2005-05-24 04:00
Modified
2024-08-07 21:59
Severity ?
EPSS score ?
Summary
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
References
▼ | URL | Tags |
---|---|---|
http://secunia.com/advisories/17072 | third-party-advisory, x_refsource_SECUNIA | |
http://secunia.com/advisories/18506 | third-party-advisory, x_refsource_SECUNIA | |
http://www.redhat.com/support/errata/RHSA-2005-709.html | vendor-advisory, x_refsource_REDHAT | |
http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm | x_refsource_CONFIRM | |
http://www.redhat.com/support/errata/RHSA-2005-801.html | vendor-advisory, x_refsource_REDHAT | |
http://bugs.gentoo.org/show_bug.cgi?id=88398 | x_refsource_CONFIRM | |
http://security.gentoo.org/glsa/glsa-200505-15.xml | vendor-advisory, x_refsource_GENTOO | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072 | vdb-entry, signature, x_refsource_OVAL | |
http://www.mandriva.com/security/advisories?name=MDKSA-2005:095 | vendor-advisory, x_refsource_MANDRAKE | |
http://secunia.com/advisories/17356 | third-party-advisory, x_refsource_SECUNIA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T21:59:24.165Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "17072", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17072" }, { "name": "18506", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18506" }, { "name": "RHSA-2005:709", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-709.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm" }, { "name": "RHSA-2005:801", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-801.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=88398" }, { "name": "GLSA-200505-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200505-15.xml" }, { "name": "oval:org.mitre.oval:def:11072", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072" }, { "name": "MDKSA-2005:095", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095" }, { "name": "17356", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17356" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-05-20T00:00:00", "descriptions": [ { "lang": "en", "value": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "17072", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17072" }, { "name": "18506", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18506" }, { "name": "RHSA-2005:709", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-709.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm" }, { "name": "RHSA-2005:801", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-801.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=88398" }, { "name": "GLSA-200505-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200505-15.xml" }, { "name": "oval:org.mitre.oval:def:11072", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072" }, { "name": "MDKSA-2005:095", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095" }, { "name": "17356", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17356" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-1705", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "17072", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17072" }, { "name": "18506", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18506" }, { "name": "RHSA-2005:709", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-709.html" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm" }, { "name": "RHSA-2005:801", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-801.html" }, { "name": "http://bugs.gentoo.org/show_bug.cgi?id=88398", "refsource": "CONFIRM", "url": "http://bugs.gentoo.org/show_bug.cgi?id=88398" }, { "name": "GLSA-200505-15", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200505-15.xml" }, { "name": "oval:org.mitre.oval:def:11072", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072" }, { "name": "MDKSA-2005:095", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095" }, { "name": "17356", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17356" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-1705", "datePublished": "2005-05-24T04:00:00", "dateReserved": "2005-05-24T00:00:00", "dateUpdated": "2024-08-07T21:59:24.165Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39128
Vulnerability from cvelistv5
Published
2023-07-25 00:00
Modified
2024-10-24 14:12
Severity ?
EPSS score ?
Summary
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:02:05.133Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30639" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:gnu:gdb:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gdb", "vendor": "gnu", "versions": [ { "status": "affected", "version": "13.0.50.20220805-git" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-39128", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-24T14:06:23.576735Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-24T14:12:09.968Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-25T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30639" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-39128", "datePublished": "2023-07-25T00:00:00", "dateReserved": "2023-07-25T00:00:00", "dateUpdated": "2024-10-24T14:12:09.968Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2005-1704
Vulnerability from cvelistv5
Published
2005-05-24 04:00
Modified
2024-08-07 21:59
Severity ?
EPSS score ?
Summary
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T21:59:24.170Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "13697", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/13697" }, { "name": "17072", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17072" }, { "name": "21122", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21122" }, { "name": "2005-0025", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX", "x_transferred" ], "url": "http://www.trustix.org/errata/2005/0025/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf" }, { "name": "RHSA-2006:0368", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0368.html" }, { "name": "20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded" }, { "name": "18506", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/18506" }, { "name": "CLA-2006:1060", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA", "x_transferred" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001060" }, { "name": "RHSA-2005:709", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-709.html" }, { "name": "ADV-2007-1267", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2007/1267" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21262" }, { "name": "RHSA-2005:673", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-673.html" }, { "name": "MDKSA-2005:215", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:215" }, { "name": "17001", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17001" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm" }, { "name": "RHSA-2006:0354", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0354.html" }, { "name": "RHSA-2005:801", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-801.html" }, { "name": "RHSA-2005:763", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-763.html" }, { "name": "24788", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/24788" }, { "name": "USN-136-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/136-1/" }, { "name": "GLSA-200505-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200505-15.xml" }, { "name": "GLSA-200506-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200506-01.xml" }, { "name": "oval:org.mitre.oval:def:9071", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9071" }, { "name": "MDKSA-2005:095", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095" }, { "name": "15527", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/15527" }, { "name": "17257", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17257" }, { "name": "17135", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17135" }, { "name": "17356", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17356" }, { "name": "1016544", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1016544" }, { "name": "17718", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/17718" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=91398" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/support/vi3/doc/esx-55052-patch.html" }, { "name": "16757", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/16757" }, { "name": "21717", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/21717" }, { "name": "RHSA-2005:659", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-659.html" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI", "x_transferred" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2005-05-20T00:00:00", "descriptions": [ { "lang": "en", "value": "Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "13697", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/13697" }, { "name": "17072", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17072" }, { "name": "21122", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21122" }, { "name": "2005-0025", "tags": [ "vendor-advisory", "x_refsource_TRUSTIX" ], "url": "http://www.trustix.org/errata/2005/0025/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf" }, { "name": "RHSA-2006:0368", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0368.html" }, { "name": "20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded" }, { "name": "18506", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/18506" }, { "name": "CLA-2006:1060", "tags": [ "vendor-advisory", "x_refsource_CONECTIVA" ], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001060" }, { "name": "RHSA-2005:709", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-709.html" }, { "name": "ADV-2007-1267", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2007/1267" }, { "name": "21262", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21262" }, { "name": "RHSA-2005:673", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-673.html" }, { "name": "MDKSA-2005:215", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:215" }, { "name": "17001", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17001" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm" }, { "name": "RHSA-2006:0354", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2006-0354.html" }, { "name": "RHSA-2005:801", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-801.html" }, { "name": "RHSA-2005:763", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-763.html" }, { "name": "24788", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/24788" }, { "name": "USN-136-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/136-1/" }, { "name": "GLSA-200505-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200505-15.xml" }, { "name": "GLSA-200506-01", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://www.gentoo.org/security/en/glsa/glsa-200506-01.xml" }, { "name": "oval:org.mitre.oval:def:9071", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9071" }, { "name": "MDKSA-2005:095", "tags": [ "vendor-advisory", "x_refsource_MANDRAKE" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095" }, { "name": "15527", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/15527" }, { "name": "17257", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17257" }, { "name": "17135", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17135" }, { "name": "17356", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17356" }, { "name": "1016544", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1016544" }, { "name": "17718", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/17718" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=91398" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/support/vi3/doc/esx-55052-patch.html" }, { "name": "16757", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/16757" }, { "name": "21717", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/21717" }, { "name": "RHSA-2005:659", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2005-659.html" }, { "name": "20060703-01-P", "tags": [ "vendor-advisory", "x_refsource_SGI" ], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-1704", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "13697", "refsource": "BID", "url": "http://www.securityfocus.com/bid/13697" }, { "name": "17072", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17072" }, { "name": "21122", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21122" }, { "name": "2005-0025", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2005/0025/" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf" }, { "name": "RHSA-2006:0368", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0368.html" }, { "name": "20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded" }, { "name": "18506", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18506" }, { "name": "CLA-2006:1060", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001060" }, { "name": "RHSA-2005:709", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-709.html" }, { "name": "ADV-2007-1267", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/1267" }, { "name": "21262", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21262" }, { "name": "RHSA-2005:673", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-673.html" }, { "name": "MDKSA-2005:215", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:215" }, { "name": "17001", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17001" }, { "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm" }, { "name": "RHSA-2006:0354", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0354.html" }, { "name": "RHSA-2005:801", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-801.html" }, { "name": "RHSA-2005:763", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-763.html" }, { "name": "24788", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24788" }, { "name": "USN-136-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/136-1/" }, { "name": "GLSA-200505-15", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200505-15.xml" }, { "name": "GLSA-200506-01", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200506-01.xml" }, { "name": "oval:org.mitre.oval:def:9071", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9071" }, { "name": "MDKSA-2005:095", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095" }, { "name": "15527", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/15527" }, { "name": "17257", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17257" }, { "name": "17135", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17135" }, { "name": "17356", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17356" }, { "name": "1016544", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016544" }, { "name": "17718", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/17718" }, { "name": "http://bugs.gentoo.org/show_bug.cgi?id=91398", "refsource": "CONFIRM", "url": "http://bugs.gentoo.org/show_bug.cgi?id=91398" }, { "name": "http://www.vmware.com/support/vi3/doc/esx-55052-patch.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/support/vi3/doc/esx-55052-patch.html" }, { "name": "16757", "refsource": "OSVDB", "url": "http://www.osvdb.org/16757" }, { "name": "21717", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21717" }, { "name": "RHSA-2005:659", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-659.html" }, { "name": "20060703-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-1704", "datePublished": "2005-05-24T04:00:00", "dateReserved": "2005-05-24T00:00:00", "dateUpdated": "2024-08-07T21:59:24.170Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2019-1010180
Vulnerability from cvelistv5
Published
2019-07-24 12:01
Modified
2024-08-05 03:07
Severity ?
EPSS score ?
Summary
GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.
References
▼ | URL | Tags |
---|---|---|
https://sourceware.org/bugzilla/show_bug.cgi?id=23657 | x_refsource_MISC | |
http://www.securityfocus.com/bid/109367 | vdb-entry, x_refsource_BID | |
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.html | vendor-advisory, x_refsource_SUSE | |
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.html | vendor-advisory, x_refsource_SUSE | |
https://security.gentoo.org/glsa/202003-31 | vendor-advisory, x_refsource_GENTOO |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T03:07:18.377Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23657" }, { "name": "109367", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/109367" }, { "name": "openSUSE-SU-2019:2415", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" }, { "name": "openSUSE-SU-2019:2432", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" }, { "name": "openSUSE-SU-2019:2493", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.html" }, { "name": "openSUSE-SU-2019:2494", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.html" }, { "name": "GLSA-202003-31", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202003-31" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "gdb", "vendor": "GNU", "versions": [ { "status": "affected", "version": "All versions (At least as of date 2018-09-16)" } ] } ], "descriptions": [ { "lang": "en", "value": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet." } ], "problemTypes": [ { "descriptions": [ { "description": "Buffer Overflow - Out of bound memory access", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2020-03-15T20:05:59", "orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "shortName": "dwf" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23657" }, { "name": "109367", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/109367" }, { "name": "openSUSE-SU-2019:2415", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" }, { "name": "openSUSE-SU-2019:2432", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" }, { "name": "openSUSE-SU-2019:2493", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.html" }, { "name": "openSUSE-SU-2019:2494", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.html" }, { "name": "GLSA-202003-31", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202003-31" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010180", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "gdb", "version": { "version_data": [ { "version_value": "All versions (At least as of date 2018-09-16)" } ] } } ] }, "vendor_name": "GNU" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Buffer Overflow - Out of bound memory access" } ] } ] }, "references": { "reference_data": [ { "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=23657", "refsource": "MISC", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23657" }, { "name": "109367", "refsource": "BID", "url": "http://www.securityfocus.com/bid/109367" }, { "name": "openSUSE-SU-2019:2415", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html" }, { "name": "openSUSE-SU-2019:2432", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html" }, { "name": "openSUSE-SU-2019:2493", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.html" }, { "name": "openSUSE-SU-2019:2494", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.html" }, { "name": "GLSA-202003-31", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-31" } ] } } } }, "cveMetadata": { "assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8", "assignerShortName": "dwf", "cveId": "CVE-2019-1010180", "datePublished": "2019-07-24T12:01:08", "dateReserved": "2019-03-20T00:00:00", "dateUpdated": "2024-08-05T03:07:18.377Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2011-4355
Vulnerability from cvelistv5
Published
2013-03-04 21:00
Modified
2024-08-07 00:09
Severity ?
EPSS score ?
Summary
GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts.
References
▼ | URL | Tags |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2013-0522.html | vendor-advisory, x_refsource_REDHAT | |
http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html | mailing-list, x_refsource_MLIST | |
http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html | mailing-list, x_refsource_MLIST | |
http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup&cvsroot=src | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1028191 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T00:09:18.432Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2013:0522", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0522.html" }, { "name": "[gdb-patches] 20110429 Re: [RFA] Add $pdir as entry for libthread-db-search-path.", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html" }, { "name": "[gdb-patches] 20110506 Re: [RFA] Add $pdir as entry for libthread-db-search-path.", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup\u0026cvsroot=src" }, { "name": "1028191", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1028191" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2013-03-04T21:00:00Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2013:0522", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0522.html" }, { "name": "[gdb-patches] 20110429 Re: [RFA] Add $pdir as entry for libthread-db-search-path.", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html" }, { "name": "[gdb-patches] 20110506 Re: [RFA] Add $pdir as entry for libthread-db-search-path.", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup\u0026cvsroot=src" }, { "name": "1028191", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1028191" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2011-4355", "datePublished": "2013-03-04T21:00:00Z", "dateReserved": "2011-11-04T00:00:00Z", "dateUpdated": "2024-08-07T00:09:18.432Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39129
Vulnerability from cvelistv5
Published
2023-07-25 00:00
Modified
2024-10-24 14:10
Severity ?
EPSS score ?
Summary
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:02:05.225Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30640" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:gnu:gdb:-:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "gdb", "vendor": "gnu", "versions": [ { "status": "affected", "version": "13.0.50.20220805-git" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-39129", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-24T14:08:58.714252Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-24T14:10:49.318Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-25T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30640" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-39129", "datePublished": "2023-07-25T00:00:00", "dateReserved": "2023-07-25T00:00:00", "dateUpdated": "2024-10-24T14:10:49.318Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-9778
Vulnerability from cvelistv5
Published
2017-06-21 07:00
Modified
2024-08-05 17:18
Severity ?
EPSS score ?
Summary
GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB.
References
▼ | URL | Tags |
---|---|---|
https://sourceware.org/bugzilla/show_bug.cgi?id=21600 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/99244 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T17:18:02.165Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21600" }, { "name": "99244", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99244" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2017-06-21T00:00:00", "descriptions": [ { "lang": "en", "value": "GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-26T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21600" }, { "name": "99244", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99244" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-9778", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=21600", "refsource": "CONFIRM", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21600" }, { "name": "99244", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99244" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-9778", "datePublished": "2017-06-21T07:00:00", "dateReserved": "2017-06-21T00:00:00", "dateUpdated": "2024-08-05T17:18:02.165Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }