|
|
CVE Reference: CVE-2006-2362 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-2362 |
|
|
Description: Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/26644 UBUNTU http://www.ubuntu.com/usn/usn-292-1 TRUSTIX http://www.trustix.org/errata/2006/0034/ SUSE http://www.novell.com/linux/security/advisories/2006_26_sr.html ST 1018872 SAID Secunia Advisory: SA20188 Secunia Advisory: SA20531 Secunia Advisory: SA22932 Secunia Advisory: SA20550 Secunia Advisory: SA27441 MLIST http://www.mail-archive.com/bug-binutils@gnu.org/msg01516.html CONFIRM http://sourceware.org/bugzilla/show_bug.cgi?id=2584 BID 17950 APPLE http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.html |
|
| Return to the previous page. |
