| Vulnerability Name: | CVE-2004-1287 (CCN-18540) | ||||||||||||||||
| Assigned: | 2004-12-15 | ||||||||||||||||
| Published: | 2004-12-15 | ||||||||||||||||
| Updated: | 2018-10-30 | ||||||||||||||||
| Summary: | Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194. | ||||||||||||||||
| CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Thu Dec 16 2004 - 03:47:12 CST DJB's students release 44 *nix software vulnerability advisories Source: MITRE Type: CNA CVE-2004-1287 Source: CCN Type: RHSA-2005-381 nasm security update Source: CCN Type: University of Illinois Chicago Web site NASM 0.98.38 error() overflows buff[] Source: MISC Type: Exploit, Vendor Advisory http://tigger.uic.edu/~jlongs2/holes/nasm.txt Source: CCN Type: CIAC Information Bulletin P-089 Buffer Overflow in 'nasm' Source: DEBIAN Type: DSA-623 nasm -- buffer overflow Source: CCN Type: GLSA-200412-20 NASM: Buffer overflow vulnerability Source: REDHAT Type: UNKNOWN RHSA-2005:381 Source: CCN Type: BID-11991 NASM Error Preprocessor Directive Buffer Overflow Vulnerability Source: CCN Type: TLSA-2005-26 Buffer overflow vulnerability exists in nasm Source: CCN Type: USN-45-1 nasm vulnerability Source: XF Type: UNKNOWN nasm-preprocc-bo(18540) Source: XF Type: UNKNOWN nasm-preprocc-bo(18540) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:11299 | ||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration RedHat 1:  Denotes that component is vulnerable | ||||||||||||||||
| Oval Definitions | |||||||||||||||||
| |||||||||||||||||
| BACK | |||||||||||||||||