CVE-2018-18483

ADVISORY - nist

Summary

The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.

EPSS Score⁠: 0.00477 (0.640)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-190⁠

Integer Overflow or Wraparound

ADVISORY - redhat

CWE-190⁠

Integer Overflow or Wraparound

CWE-400⁠

Uncontrolled Resource Consumption

Impacted images

Advisories

NIST

CREATED

7 years ago

UPDATED

9 months ago

ADVISORY IDCVE-2018-18483⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

7.8high

Debian

CREATED

7 years ago

UPDATED

19 days ago

ADVISORY IDCVE-2018-18483⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

7 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2018-18483⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.8low

Red Hat

CREATED

9 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2018-18483⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CWE-190⁠CWE-400⁠

CVSS SCORE

4.3low

intheWild

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDCVE-2018-18483⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY