CVE Reference: CVE-2005-1704

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2005-1704

Description:
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.

CVE Status:
Candidate

References:

UBUNTU
  http://www.ubuntulinux.org/support/documentation/usn/usn-136-1

TRUSTIX
  http://www.trustix.org/errata/2005/0025/

ST
  1016544

SGI

SAID
  Secunia Advisory: SA17718
  Secunia Advisory: SA17072
  Secunia Advisory: SA17135
  Secunia Advisory: SA15527
  Secunia Advisory: SA17257
  Secunia Advisory: SA17356
  Secunia Advisory: SA17001
  Secunia Advisory: SA22006015
  Secunia Advisory: SA21122
  Secunia Advisory: SA21262
  Secunia Advisory: SA21717
  Secunia Advisory: SA24788

REDHAT
  http://www.redhat.com/support/errata/RHSA-2006-0354.html
  http://www.redhat.com/support/errata/RHSA-2006-0368.html
  http://www.redhat.com/support/errata/RHSA-2005-673.html
  http://www.redhat.com/support/errata/RHSA-2005-709.html
  http://www.redhat.com/support/errata/RHSA-2005-801.html
  http://www.redhat.com/support/errata/RHSA-2005-763.html
  http://www.redhat.com/support/errata/RHSA-2005-659.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9071

OSVDB
  16757

MANDRAKE
  http://www.mandriva.com/security/advisories?name=MDKSA-2005:215
  http://www.mandriva.com/security/advisories?name=MDKSA-2005:095

GENTOO
  http://www.gentoo.org/security/en/glsa/glsa-200506-01.xml
  http://security.gentoo.org/glsa/glsa-200505-15.xml

CONFIRM
  http://www.vmware.com/support/vi3/doc/esx-55052-patch.html
  http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm
  http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf
  http://bugs.gentoo.org/show_bug.cgi?id=91398

CONECTIVA
  http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001060

BUGTRAQ
  http://www.securityfocus.com/archive/1/archive/1/464745/100/0/threaded

BID
  13697


Return to the previous page.