NVD

Id
85563  
Name
CVE-2017-8393  
Description
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel/.rela prefix. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy and strip, to crash.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-05-27  
Published
2017-05-01  
Modified Date
2017-05-11  
Seq
2017-8393  

Actions

Related NVD References

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
67354 JVNDB-2017-003666 GNU Binutils の Binary File Descriptor ライブラリにおけるバッファエラーの脆弱性 GNU Binutils の Binary File Descriptor (BFD) ライブラリ (別名 libbfd) には、バッファエラーの脆弱性が存在します。 CVE-2017-8393 0 CVE-2017-8393 85563 5 7.5 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-003666.html 2017-04-23 2017-06-02 View