VulnerableCode Package Details - pkg:deb/debian/binutils@2.17-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-9jnm-gknk-qkgm	Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code.	CVE-2005-4807
VCID-mnq3-eqnn-rkhy	Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file.	CVE-2005-4808
VCID-t1f2-zvr7-fucy	Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character.	CVE-2006-2362

Vulnerability

Summary

Aliases

VCID-9jnm-gknk-qkgm

Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code.

CVE-2005-4807

VCID-mnq3-eqnn-rkhy

Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file.

CVE-2005-4808

VCID-t1f2-zvr7-fucy

Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character.

CVE-2006-2362

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T09:49:37.395758+00:00	Debian Importer	Fixing	VCID-mnq3-eqnn-rkhy	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:02:31.302400+00:00	Debian Importer	Fixing	VCID-9jnm-gknk-qkgm	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:44:53.743473+00:00	Debian Importer	Fixing	VCID-t1f2-zvr7-fucy	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T06:34:00.157714+00:00	Debian Importer	Fixing	VCID-mnq3-eqnn-rkhy	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:03:44.154250+00:00	Debian Importer	Fixing	VCID-9jnm-gknk-qkgm	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:52:38.794986+00:00	Debian Importer	Fixing	VCID-t1f2-zvr7-fucy	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-02T17:06:01.812652+00:00	Debian Importer	Fixing	VCID-mnq3-eqnn-rkhy	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:03:38.243856+00:00	Debian Importer	Fixing	VCID-9jnm-gknk-qkgm	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:02:34.861093+00:00	Debian Importer	Fixing	VCID-t1f2-zvr7-fucy	https://security-tracker.debian.org/tracker/data/json	38.1.0