All the vulnerabilites related to GNU - gdb
cve-2023-39128
Vulnerability from cvelistv5
Published
2023-07-25 00:00
Modified
2024-10-24 14:12
Severity ?
Summary
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T18:02:05.133Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30639"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:gnu:gdb:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "gdb",
            "vendor": "gnu",
            "versions": [
              {
                "status": "affected",
                "version": "13.0.50.20220805-git"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-39128",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-24T14:06:23.576735Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T14:12:09.968Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-25T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30639"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-39128",
    "datePublished": "2023-07-25T00:00:00",
    "dateReserved": "2023-07-25T00:00:00",
    "dateUpdated": "2024-10-24T14:12:09.968Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-4355
Vulnerability from cvelistv5
Published
2013-03-04 21:00
Modified
2024-08-07 00:09
Severity ?
Summary
GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:09:18.432Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2013:0522",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0522.html"
          },
          {
            "name": "[gdb-patches] 20110429 Re: [RFA] Add $pdir as entry for libthread-db-search-path.",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html"
          },
          {
            "name": "[gdb-patches] 20110506 Re: [RFA] Add $pdir as entry for libthread-db-search-path.",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup\u0026cvsroot=src"
          },
          {
            "name": "1028191",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1028191"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU Project Debugger (GDB) before 7.5, when .debug_gdb_scripts is defined, automatically loads certain files from the current working directory, which allows local users to gain privileges via crafted files such as Python scripts."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-03-04T21:00:00Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2013:0522",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0522.html"
        },
        {
          "name": "[gdb-patches] 20110429 Re: [RFA] Add $pdir as entry for libthread-db-search-path.",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://sourceware.org/ml/gdb-patches/2011-04/msg00559.html"
        },
        {
          "name": "[gdb-patches] 20110506 Re: [RFA] Add $pdir as entry for libthread-db-search-path.",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://sourceware.org/ml/gdb-patches/2011-05/msg00202.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceware.org/cgi-bin/cvsweb.cgi/~checkout~/src/gdb/NEWS?content-type=text/x-cvsweb-markup\u0026cvsroot=src"
        },
        {
          "name": "1028191",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1028191"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-4355",
    "datePublished": "2013-03-04T21:00:00Z",
    "dateReserved": "2011-11-04T00:00:00Z",
    "dateUpdated": "2024-08-07T00:09:18.432Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-1704
Vulnerability from cvelistv5
Published
2005-05-24 04:00
Modified
2024-08-07 21:59
Severity ?
Summary
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
References
http://www.securityfocus.com/bid/13697vdb-entry, x_refsource_BID
http://secunia.com/advisories/17072third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21122third-party-advisory, x_refsource_SECUNIA
http://www.trustix.org/errata/2005/0025/vendor-advisory, x_refsource_TRUSTIX
http://support.avaya.com/elmodocs2/security/ASA-2006-178.htmx_refsource_CONFIRM
http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdfx_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2006-0368.htmlvendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/archive/1/464745/100/0/threadedmailing-list, x_refsource_BUGTRAQ
http://secunia.com/advisories/18506third-party-advisory, x_refsource_SECUNIA
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001060vendor-advisory, x_refsource_CONECTIVA
http://www.redhat.com/support/errata/RHSA-2005-709.htmlvendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/1267vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/21262third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2005-673.htmlvendor-advisory, x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2005:215vendor-advisory, x_refsource_MANDRAKE
http://secunia.com/advisories/17001third-party-advisory, x_refsource_SECUNIA
http://support.avaya.com/elmodocs2/security/ASA-2006-015.htmx_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2006-0354.htmlvendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2005-801.htmlvendor-advisory, x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2005-763.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/24788third-party-advisory, x_refsource_SECUNIA
https://usn.ubuntu.com/136-1/vendor-advisory, x_refsource_UBUNTU
http://security.gentoo.org/glsa/glsa-200505-15.xmlvendor-advisory, x_refsource_GENTOO
http://www.gentoo.org/security/en/glsa/glsa-200506-01.xmlvendor-advisory, x_refsource_GENTOO
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9071vdb-entry, signature, x_refsource_OVAL
http://www.mandriva.com/security/advisories?name=MDKSA-2005:095vendor-advisory, x_refsource_MANDRAKE
http://secunia.com/advisories/15527third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17257third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17135third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/17356third-party-advisory, x_refsource_SECUNIA
http://securitytracker.com/id?1016544vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/17718third-party-advisory, x_refsource_SECUNIA
http://bugs.gentoo.org/show_bug.cgi?id=91398x_refsource_CONFIRM
http://www.vmware.com/support/vi3/doc/esx-55052-patch.htmlx_refsource_CONFIRM
http://www.osvdb.org/16757vdb-entry, x_refsource_OSVDB
http://secunia.com/advisories/21717third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2005-659.htmlvendor-advisory, x_refsource_REDHAT
ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.ascvendor-advisory, x_refsource_SGI
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:59:24.170Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "13697",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/13697"
          },
          {
            "name": "17072",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17072"
          },
          {
            "name": "21122",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21122"
          },
          {
            "name": "2005-0025",
            "tags": [
              "vendor-advisory",
              "x_refsource_TRUSTIX",
              "x_transferred"
            ],
            "url": "http://www.trustix.org/errata/2005/0025/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf"
          },
          {
            "name": "RHSA-2006:0368",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0368.html"
          },
          {
            "name": "20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
          },
          {
            "name": "18506",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18506"
          },
          {
            "name": "CLA-2006:1060",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001060"
          },
          {
            "name": "RHSA-2005:709",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
          },
          {
            "name": "ADV-2007-1267",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1267"
          },
          {
            "name": "21262",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21262"
          },
          {
            "name": "RHSA-2005:673",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-673.html"
          },
          {
            "name": "MDKSA-2005:215",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:215"
          },
          {
            "name": "17001",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17001"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
          },
          {
            "name": "RHSA-2006:0354",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0354.html"
          },
          {
            "name": "RHSA-2005:801",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
          },
          {
            "name": "RHSA-2005:763",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-763.html"
          },
          {
            "name": "24788",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24788"
          },
          {
            "name": "USN-136-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/136-1/"
          },
          {
            "name": "GLSA-200505-15",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
          },
          {
            "name": "GLSA-200506-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200506-01.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:9071",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9071"
          },
          {
            "name": "MDKSA-2005:095",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
          },
          {
            "name": "15527",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15527"
          },
          {
            "name": "17257",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17257"
          },
          {
            "name": "17135",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17135"
          },
          {
            "name": "17356",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17356"
          },
          {
            "name": "1016544",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016544"
          },
          {
            "name": "17718",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17718"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=91398"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/vi3/doc/esx-55052-patch.html"
          },
          {
            "name": "16757",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/16757"
          },
          {
            "name": "21717",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21717"
          },
          {
            "name": "RHSA-2005:659",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-659.html"
          },
          {
            "name": "20060703-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-05-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "13697",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/13697"
        },
        {
          "name": "17072",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17072"
        },
        {
          "name": "21122",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21122"
        },
        {
          "name": "2005-0025",
          "tags": [
            "vendor-advisory",
            "x_refsource_TRUSTIX"
          ],
          "url": "http://www.trustix.org/errata/2005/0025/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf"
        },
        {
          "name": "RHSA-2006:0368",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0368.html"
        },
        {
          "name": "20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
        },
        {
          "name": "18506",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18506"
        },
        {
          "name": "CLA-2006:1060",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001060"
        },
        {
          "name": "RHSA-2005:709",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
        },
        {
          "name": "ADV-2007-1267",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1267"
        },
        {
          "name": "21262",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21262"
        },
        {
          "name": "RHSA-2005:673",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-673.html"
        },
        {
          "name": "MDKSA-2005:215",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:215"
        },
        {
          "name": "17001",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17001"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
        },
        {
          "name": "RHSA-2006:0354",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0354.html"
        },
        {
          "name": "RHSA-2005:801",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
        },
        {
          "name": "RHSA-2005:763",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-763.html"
        },
        {
          "name": "24788",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24788"
        },
        {
          "name": "USN-136-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/136-1/"
        },
        {
          "name": "GLSA-200505-15",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
        },
        {
          "name": "GLSA-200506-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200506-01.xml"
        },
        {
          "name": "oval:org.mitre.oval:def:9071",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9071"
        },
        {
          "name": "MDKSA-2005:095",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
        },
        {
          "name": "15527",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15527"
        },
        {
          "name": "17257",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17257"
        },
        {
          "name": "17135",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17135"
        },
        {
          "name": "17356",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17356"
        },
        {
          "name": "1016544",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016544"
        },
        {
          "name": "17718",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17718"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=91398"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/vi3/doc/esx-55052-patch.html"
        },
        {
          "name": "16757",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/16757"
        },
        {
          "name": "21717",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21717"
        },
        {
          "name": "RHSA-2005:659",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-659.html"
        },
        {
          "name": "20060703-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1704",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "13697",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/13697"
            },
            {
              "name": "17072",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17072"
            },
            {
              "name": "21122",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21122"
            },
            {
              "name": "2005-0025",
              "refsource": "TRUSTIX",
              "url": "http://www.trustix.org/errata/2005/0025/"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf"
            },
            {
              "name": "RHSA-2006:0368",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0368.html"
            },
            {
              "name": "20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
            },
            {
              "name": "18506",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18506"
            },
            {
              "name": "CLA-2006:1060",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=001060"
            },
            {
              "name": "RHSA-2005:709",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
            },
            {
              "name": "ADV-2007-1267",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/1267"
            },
            {
              "name": "21262",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21262"
            },
            {
              "name": "RHSA-2005:673",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-673.html"
            },
            {
              "name": "MDKSA-2005:215",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:215"
            },
            {
              "name": "17001",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17001"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
            },
            {
              "name": "RHSA-2006:0354",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0354.html"
            },
            {
              "name": "RHSA-2005:801",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
            },
            {
              "name": "RHSA-2005:763",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-763.html"
            },
            {
              "name": "24788",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24788"
            },
            {
              "name": "USN-136-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/136-1/"
            },
            {
              "name": "GLSA-200505-15",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
            },
            {
              "name": "GLSA-200506-01",
              "refsource": "GENTOO",
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200506-01.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:9071",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9071"
            },
            {
              "name": "MDKSA-2005:095",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
            },
            {
              "name": "15527",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/15527"
            },
            {
              "name": "17257",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17257"
            },
            {
              "name": "17135",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17135"
            },
            {
              "name": "17356",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17356"
            },
            {
              "name": "1016544",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016544"
            },
            {
              "name": "17718",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17718"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=91398",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=91398"
            },
            {
              "name": "http://www.vmware.com/support/vi3/doc/esx-55052-patch.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/support/vi3/doc/esx-55052-patch.html"
            },
            {
              "name": "16757",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/16757"
            },
            {
              "name": "21717",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21717"
            },
            {
              "name": "RHSA-2005:659",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-659.html"
            },
            {
              "name": "20060703-01-P",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-1704",
    "datePublished": "2005-05-24T04:00:00",
    "dateReserved": "2005-05-24T00:00:00",
    "dateUpdated": "2024-08-07T21:59:24.170Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-4146
Vulnerability from cvelistv5
Published
2006-08-31 22:00
Modified
2024-08-07 18:57
Severity ?
Summary
Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations.
References
http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.htmlmailing-list, x_refsource_FULLDISC
http://www.vupen.com/english/advisories/2006/4283vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/25098third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200711-23.xmlvendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/25894third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-0469.htmlvendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/3229vdb-entry, x_refsource_VUPEN
http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.htmlvendor-advisory, x_refsource_APPLE
http://www.osvdb.org/28318vdb-entry, x_refsource_OSVDB
http://securitytracker.com/id?1017138vdb-entry, x_refsource_SECTRACK
http://support.avaya.com/elmodocs2/security/ASA-2007-253.htmx_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463vdb-entry, signature, x_refsource_OVAL
http://www.redhat.com/support/errata/RHSA-2007-0229.htmlvendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/22662third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25632third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/25934third-party-advisory, x_refsource_SECUNIA
http://docs.info.apple.com/article.html?artnum=304669x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2006/3433vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/26909third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/27706third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21713third-party-advisory, x_refsource_SECUNIA
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841x_refsource_CONFIRM
http://secunia.com/advisories/22205third-party-advisory, x_refsource_SECUNIA
http://www.securityfocus.com/bid/19802vdb-entry, x_refsource_BID
ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.ascvendor-advisory, x_refsource_SGI
http://www.ubuntu.com/usn/usn-356-1vendor-advisory, x_refsource_UBUNTU
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:57:46.146Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
          },
          {
            "name": "ADV-2006-4283",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4283"
          },
          {
            "name": "25098",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25098"
          },
          {
            "name": "GLSA-200711-23",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
          },
          {
            "name": "25894",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25894"
          },
          {
            "name": "RHSA-2007:0469",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0469.html"
          },
          {
            "name": "ADV-2007-3229",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3229"
          },
          {
            "name": "APPLE-SA-2006-10-31",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.html"
          },
          {
            "name": "28318",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/28318"
          },
          {
            "name": "1017138",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017138"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm"
          },
          {
            "name": "oval:org.mitre.oval:def:10463",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463"
          },
          {
            "name": "RHSA-2007:0229",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2007-0229.html"
          },
          {
            "name": "22662",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22662"
          },
          {
            "name": "25632",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25632"
          },
          {
            "name": "25934",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25934"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=304669"
          },
          {
            "name": "ADV-2006-3433",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/3433"
          },
          {
            "name": "26909",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26909"
          },
          {
            "name": "27706",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27706"
          },
          {
            "name": "21713",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/21713"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841"
          },
          {
            "name": "22205",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22205"
          },
          {
            "name": "19802",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/19802"
          },
          {
            "name": "20070602-01-P",
            "tags": [
              "vendor-advisory",
              "x_refsource_SGI",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
          },
          {
            "name": "USN-356-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-356-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-08-31T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
        },
        {
          "name": "ADV-2006-4283",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4283"
        },
        {
          "name": "25098",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25098"
        },
        {
          "name": "GLSA-200711-23",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
        },
        {
          "name": "25894",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25894"
        },
        {
          "name": "RHSA-2007:0469",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0469.html"
        },
        {
          "name": "ADV-2007-3229",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3229"
        },
        {
          "name": "APPLE-SA-2006-10-31",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.html"
        },
        {
          "name": "28318",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/28318"
        },
        {
          "name": "1017138",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017138"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm"
        },
        {
          "name": "oval:org.mitre.oval:def:10463",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463"
        },
        {
          "name": "RHSA-2007:0229",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2007-0229.html"
        },
        {
          "name": "22662",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22662"
        },
        {
          "name": "25632",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25632"
        },
        {
          "name": "25934",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25934"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=304669"
        },
        {
          "name": "ADV-2006-3433",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/3433"
        },
        {
          "name": "26909",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26909"
        },
        {
          "name": "27706",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27706"
        },
        {
          "name": "21713",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/21713"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841"
        },
        {
          "name": "22205",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22205"
        },
        {
          "name": "19802",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/19802"
        },
        {
          "name": "20070602-01-P",
          "tags": [
            "vendor-advisory",
            "x_refsource_SGI"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
        },
        {
          "name": "USN-356-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-356-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-4146",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html"
            },
            {
              "name": "ADV-2006-4283",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4283"
            },
            {
              "name": "25098",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25098"
            },
            {
              "name": "GLSA-200711-23",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200711-23.xml"
            },
            {
              "name": "25894",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25894"
            },
            {
              "name": "RHSA-2007:0469",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0469.html"
            },
            {
              "name": "ADV-2007-3229",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3229"
            },
            {
              "name": "APPLE-SA-2006-10-31",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2006/Oct/msg00000.html"
            },
            {
              "name": "28318",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/28318"
            },
            {
              "name": "1017138",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017138"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-253.htm"
            },
            {
              "name": "oval:org.mitre.oval:def:10463",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10463"
            },
            {
              "name": "RHSA-2007:0229",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2007-0229.html"
            },
            {
              "name": "22662",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22662"
            },
            {
              "name": "25632",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25632"
            },
            {
              "name": "25934",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25934"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=304669",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=304669"
            },
            {
              "name": "ADV-2006-3433",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/3433"
            },
            {
              "name": "26909",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26909"
            },
            {
              "name": "27706",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27706"
            },
            {
              "name": "21713",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/21713"
            },
            {
              "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=204841"
            },
            {
              "name": "22205",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22205"
            },
            {
              "name": "19802",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/19802"
            },
            {
              "name": "20070602-01-P",
              "refsource": "SGI",
              "url": "ftp://patches.sgi.com/support/free/security/advisories/20070602-01-P.asc"
            },
            {
              "name": "USN-356-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/usn-356-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-4146",
    "datePublished": "2006-08-31T22:00:00",
    "dateReserved": "2006-08-15T00:00:00",
    "dateUpdated": "2024-08-07T18:57:46.146Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-39129
Vulnerability from cvelistv5
Published
2023-07-25 00:00
Modified
2024-10-24 14:10
Severity ?
Summary
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T18:02:05.225Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30640"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:gnu:gdb:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "gdb",
            "vendor": "gnu",
            "versions": [
              {
                "status": "affected",
                "version": "13.0.50.20220805-git"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-39129",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-24T14:08:58.714252Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T14:10:49.318Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-25T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30640"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-39129",
    "datePublished": "2023-07-25T00:00:00",
    "dateReserved": "2023-07-25T00:00:00",
    "dateUpdated": "2024-10-24T14:10:49.318Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-1010180
Vulnerability from cvelistv5
Published
2019-07-24 12:01
Modified
2024-08-05 03:07
Severity ?
Summary
GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T03:07:18.377Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23657"
          },
          {
            "name": "109367",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/109367"
          },
          {
            "name": "openSUSE-SU-2019:2415",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html"
          },
          {
            "name": "openSUSE-SU-2019:2432",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html"
          },
          {
            "name": "openSUSE-SU-2019:2493",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.html"
          },
          {
            "name": "openSUSE-SU-2019:2494",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.html"
          },
          {
            "name": "GLSA-202003-31",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202003-31"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "gdb",
          "vendor": "GNU",
          "versions": [
            {
              "status": "affected",
              "version": "All versions (At least as of date 2018-09-16)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer Overflow - Out of bound memory access",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-15T20:05:59",
        "orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
        "shortName": "dwf"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23657"
        },
        {
          "name": "109367",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/109367"
        },
        {
          "name": "openSUSE-SU-2019:2415",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html"
        },
        {
          "name": "openSUSE-SU-2019:2432",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html"
        },
        {
          "name": "openSUSE-SU-2019:2493",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.html"
        },
        {
          "name": "openSUSE-SU-2019:2494",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.html"
        },
        {
          "name": "GLSA-202003-31",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202003-31"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve-assign@distributedweaknessfiling.org",
          "ID": "CVE-2019-1010180",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "gdb",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions (At least as of date 2018-09-16)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "GNU"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer Overflow - Out of bound memory access"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=23657",
              "refsource": "MISC",
              "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23657"
            },
            {
              "name": "109367",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/109367"
            },
            {
              "name": "openSUSE-SU-2019:2415",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html"
            },
            {
              "name": "openSUSE-SU-2019:2432",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html"
            },
            {
              "name": "openSUSE-SU-2019:2493",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00029.html"
            },
            {
              "name": "openSUSE-SU-2019:2494",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00028.html"
            },
            {
              "name": "GLSA-202003-31",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202003-31"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
    "assignerShortName": "dwf",
    "cveId": "CVE-2019-1010180",
    "datePublished": "2019-07-24T12:01:08",
    "dateReserved": "2019-03-20T00:00:00",
    "dateUpdated": "2024-08-05T03:07:18.377Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-9778
Vulnerability from cvelistv5
Published
2017-06-21 07:00
Modified
2024-08-05 17:18
Severity ?
Summary
GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB.
References
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:18:02.165Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21600"
          },
          {
            "name": "99244",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99244"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-06-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-26T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21600"
        },
        {
          "name": "99244",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99244"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9778",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=21600",
              "refsource": "CONFIRM",
              "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=21600"
            },
            {
              "name": "99244",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99244"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9778",
    "datePublished": "2017-06-21T07:00:00",
    "dateReserved": "2017-06-21T00:00:00",
    "dateUpdated": "2024-08-05T17:18:02.165Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-39130
Vulnerability from cvelistv5
Published
2023-07-25 00:00
Modified
2024-10-24 14:11
Severity ?
Summary
GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T18:02:06.647Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30641"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:gnu:gdb:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "gdb",
            "vendor": "gnu",
            "versions": [
              {
                "status": "affected",
                "version": "13.0.50.20220805-git"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-39130",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-24T14:08:38.678394Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-24T14:11:30.406Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-25T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30641"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-39130",
    "datePublished": "2023-07-25T00:00:00",
    "dateReserved": "2023-07-25T00:00:00",
    "dateUpdated": "2024-10-24T14:11:30.406Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-1705
Vulnerability from cvelistv5
Published
2005-05-24 04:00
Modified
2024-08-07 21:59
Severity ?
Summary
gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb.
References
http://secunia.com/advisories/17072third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/18506third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2005-709.htmlvendor-advisory, x_refsource_REDHAT
http://support.avaya.com/elmodocs2/security/ASA-2006-015.htmx_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2005-801.htmlvendor-advisory, x_refsource_REDHAT
http://bugs.gentoo.org/show_bug.cgi?id=88398x_refsource_CONFIRM
http://security.gentoo.org/glsa/glsa-200505-15.xmlvendor-advisory, x_refsource_GENTOO
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072vdb-entry, signature, x_refsource_OVAL
http://www.mandriva.com/security/advisories?name=MDKSA-2005:095vendor-advisory, x_refsource_MANDRAKE
http://secunia.com/advisories/17356third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:59:24.165Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "17072",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17072"
          },
          {
            "name": "18506",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18506"
          },
          {
            "name": "RHSA-2005:709",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
          },
          {
            "name": "RHSA-2005:801",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
          },
          {
            "name": "GLSA-200505-15",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
          },
          {
            "name": "oval:org.mitre.oval:def:11072",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
          },
          {
            "name": "MDKSA-2005:095",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
          },
          {
            "name": "17356",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17356"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-05-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "17072",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17072"
        },
        {
          "name": "18506",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18506"
        },
        {
          "name": "RHSA-2005:709",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
        },
        {
          "name": "RHSA-2005:801",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
        },
        {
          "name": "GLSA-200505-15",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
        },
        {
          "name": "oval:org.mitre.oval:def:11072",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
        },
        {
          "name": "MDKSA-2005:095",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
        },
        {
          "name": "17356",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17356"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-1705",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "gdb before 6.3 searches the current working directory to load the .gdbinit configuration file, which allows local users to execute arbitrary commands as the user running gdb."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "17072",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17072"
            },
            {
              "name": "18506",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18506"
            },
            {
              "name": "RHSA-2005:709",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-709.html"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm",
              "refsource": "CONFIRM",
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm"
            },
            {
              "name": "RHSA-2005:801",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2005-801.html"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=88398",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=88398"
            },
            {
              "name": "GLSA-200505-15",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200505-15.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:11072",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11072"
            },
            {
              "name": "MDKSA-2005:095",
              "refsource": "MANDRAKE",
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:095"
            },
            {
              "name": "17356",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17356"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-1705",
    "datePublished": "2005-05-24T04:00:00",
    "dateReserved": "2005-05-24T00:00:00",
    "dateUpdated": "2024-08-07T21:59:24.165Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}