vulnerability

Oracle Solaris 11: CVE-2018-17360: Vulnerability in GNU binary utilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:N/A:P)	Sep 23, 2018	May 30, 2019	Feb 17, 2022

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

Sep 23, 2018

Added

May 30, 2019

Modified

Feb 17, 2022

Description

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.

Solutions

oracle-solaris-11-4-upgrade-developer-gnu-binutils-2-32-0-11-4-9-0-1-1-0oracle-solaris-11-4-upgrade-developer-gnu-binutils-cross-i386-2-32-0-11-4-9-0-1-1-0oracle-solaris-11-4-upgrade-developer-gnu-binutils-cross-sparc-2-32-0-11-4-9-0-1-1-0

References

CVE-2018-17360
https://attackerkb.com/topics/CVE-2018-17360
URL-https://support.oracle.com/epmos/faces/DocumentDisplay?id=1448883.1&displayIndex=1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today