CVE-2005-4807

Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code.

Published: Dec 31, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-4807
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
gnu / binutils	-	2.17
canonical / ubuntu_linux	5.04	5.04.x
canonical / ubuntu_linux	5.10	5.10.x

http://bugs.gentoo.org/show_bug.cgi?id=99464
http://secunia.com/advisories/21508
http://secunia.com/advisories/21530
http://www.osvdb.org/27960
http://www.securityfocus.com/bid/19555
http://www.ubuntu.com/usn/usn-336-1
http://www.vupen.com/english/advisories/2006/3307

Vulnerability Database

289,599

CVE-2005-4807