PT-2017-13308 · Netwide+2 · Netwide Assembler+2
Owl337
·
Publicado
2017-09-09
·
Atualizado
2024-06-15
·
CVE-2017-14228
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Netwide Assembler (NASM) version 2.14rc0
Description
The issue is related to an illegal address access in the
paste tokens() function in preproc.c, which can lead to a remote denial of service due to a NULL pointer dereference.Recommendations
For Netwide Assembler (NASM) version 2.14rc0, consider updating to a newer version that addresses this issue, as the current version contains a function
paste tokens() that is vulnerable to a NULL pointer dereference.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
DoS
NULL Pointer Dereference
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Netwide Assembler
Suse
Ubuntu