PT-2017-15020 · Netwide+2 · Netwide Assembler+2
Owl337
·
Publicado
2017-12-20
·
Atualizado
2024-06-15
·
CVE-2017-17815
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Netwide Assembler (NASM) version 2.14rc0
Description
The issue is related to an illegal address access in the
is mmacro() function located in asm/preproc.c. This could lead to a remote denial of service attack due to the lack of a check for the relationship between the minimum and maximum parameter counts.Recommendations
For Netwide Assembler (NASM) version 2.14rc0, as a temporary workaround, consider restricting access to the
is mmacro() function in asm/preproc.c until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
DoS
Improper Check for Exceptional Conditions
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Netwide Assembler
Suse
Ubuntu