Vulnerability Description
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gnu | Gdb | <= 6.3 |
Related Weaknesses (CWE)
References
- ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
- http://bugs.gentoo.org/show_bug.cgi?id=91398
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001060
- http://secunia.com/advisories/15527Vendor Advisory
- http://secunia.com/advisories/17001Vendor Advisory
- http://secunia.com/advisories/17072Vendor Advisory
- http://secunia.com/advisories/17135Vendor Advisory
- http://secunia.com/advisories/17257Vendor Advisory
- http://secunia.com/advisories/17356Vendor Advisory
- http://secunia.com/advisories/17718Vendor Advisory
- http://secunia.com/advisories/18506
- http://secunia.com/advisories/21122Vendor Advisory
- http://secunia.com/advisories/21262Vendor Advisory
- http://secunia.com/advisories/21717Vendor Advisory
- http://secunia.com/advisories/24788Vendor Advisory
FAQ
What is CVE-2005-1704?
CVE-2005-1704 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted...
How severe is CVE-2005-1704?
CVE-2005-1704 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1704?
Check the references section above for vendor advisories and patch information. Affected products include: Gnu Gdb.