← Back

CVE-2018-1000667

nvd nist
Published: Sep 6, 2018Modified: Nov 21, 2024

JSON object

Loading...
5.5
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..

Affected (16)

Nasm
1 product
Netwide Assembler
Configuration A
16 vulnerable
Vulnerable SoftwareAffected Versions
Nasm
Netwide Assembler
Up to 2.14.0
Netwide Assembler
Version 2.14.0 rc10
Netwide Assembler
Version 2.14.0 rc11
Netwide Assembler
Version 2.14.0 rc12
Netwide Assembler
Version 2.14.0 rc13
Netwide Assembler
Version 2.14.0 rc14
Netwide Assembler
Version 2.14.0 rc15
Netwide Assembler
Version 2.14.0 rc1
Netwide Assembler
Version 2.14.0 rc2
Netwide Assembler
Version 2.14.0 rc3
Netwide Assembler
Version 2.14.0 rc4
Netwide Assembler
Version 2.14.0 rc5
Netwide Assembler
Version 2.14.0 rc6
Netwide Assembler
Version 2.14.0 rc7
Netwide Assembler
Version 2.14.0 rc8
Netwide Assembler
Version 2.14.0 rc9

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (8)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
ExploitIssue TrackingThird Party Advisory
Source: cve@mitre.org
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory

Timeline

No history available yet.