GNU Binutils 'opcodes/rl78-decode.opc' Stack Buffer Overflow Vulnerability

GNU Binutils is prone to a stack-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.

An attacker can exploit this issue to crash the affected application, resulting in denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed.

GNU Binutils 2.28 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus