Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2006-2362

Published: 15/05/2006 Updated: 22/12/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Gnu

Vulnerability Summary

Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils prior to 20060423, as used by GNU strings, allows context-dependent malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gnu binutils

Vendor Advisories

Debian CVElist Bug Report Logs: binutils: CVE-2006-2362: buffer overflow in libbfd
Debian Bug report logs - #368237 binutils: CVE-2006-2362: buffer overflow in libbfd Package: binutils; Maintainer for binutils is Matthias Klose <doko@debianorg>; Source for binutils is src:binutils (PTS, buildd, popcon) Reported by: Alec Berryman <alec@thenednet> Date: Sat, 20 May 2006 19:18:04 UTC Severity: grav ...
Ubuntu Security Notice: binutils vulnerability
CVE-2006-2362 ...

Exploits

Exploit DB: GNU BinUtils 2.1x - Buffer Overflow
source: wwwsecurityfocuscom/bid/17950/info GNU 'binutils' is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer Remote attackers may crash the 'strings' utility, potentially making analysis of malicious binaries more difficult ...

References

CWE-787http://sourceware.org/bugzilla/show_bug.cgi?id=2584http://www.securityfocus.com/bid/17950http://secunia.com/advisories/20188http://www.trustix.org/errata/2006/0034/http://secunia.com/advisories/20531http://www.ubuntu.com/usn/usn-292-1http://www.novell.com/linux/security/advisories/2006_26_sr.htmlhttp://secunia.com/advisories/22932http://secunia.com/advisories/20550http://lists.apple.com/archives/security-announce/2007/Oct/msg00001.htmlhttp://www.securitytracker.com/id?1018872http://secunia.com/advisories/27441http://www.vupen.com/english/advisories/2007/3665http://www.vupen.com/english/advisories/2006/1924https://exchange.xforce.ibmcloud.com/vulnerabilities/26644http://www.mail-archive.com/bug-binutils%40gnu.org/msg01516.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=368237https://usn.ubuntu.com/292-1/https://nvd.nist.govhttps://www.exploit-db.com/exploits/27856/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2023-52689CVE-2024-23803client sideCVE-2023-52696information disclosureCVE-2024-35843CVE-2024-27130CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook