CVE-2018-1000667

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:nasm:netwide_assembler:*:*:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc1:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc10:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc11:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc12:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc13:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc14:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc15:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc2:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc3:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc4:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc5:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc6:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc7:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc8:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc9:*:*:*:*:*:*

History

No history.

Information

Published : 2018-09-06 17:29

Updated : 2024-02-04 20:03


NVD link : CVE-2018-1000667

Mitre link : CVE-2018-1000667

CVE.ORG link : CVE-2018-1000667


JSON object : View

Products Affected

nasm

  • netwide_assembler
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer