Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-a2yr-2vez-3ka2
Vulnerability ID VCID-a2yr-2vez-3ka2
Aliases CVE-2004-1287
Summary Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194.
Status Published
Exploitability 2.0
Weighted Severity 0.1
Risk 0.2
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.16447 https://api.first.org/data/v1/epss?cve=CVE-2004-1287
epss 0.16447 https://api.first.org/data/v1/epss?cve=CVE-2004-1287
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1287.json
https://api.first.org/data/v1/epss?cve=CVE-2004-1287
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1287
1617404 https://bugzilla.redhat.com/show_bug.cgi?id=1617404
285889 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=285889
CVE-2004-1287;OSVDB-12446 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/25005.txt
CVE-2004-1287;OSVDB-12446 Exploit https://www.securityfocus.com/bid/11991/info
RHSA-2005:381 https://access.redhat.com/errata/RHSA-2005:381
USN-45-1 https://usn.ubuntu.com/45-1/
Data source Exploit-DB
Date added Dec. 15, 2004
Description NASM 0.98.x - Error Preprocessor Directive Buffer Overflow
Ransomware campaign use Known
Source publication date Dec. 15, 2004
Exploit type remote
Platform linux
Source update date April 30, 2013
Source URL https://www.securityfocus.com/bid/11991/info
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.95005
EPSS Score 0.16447
Published At June 4, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T17:03:21.465432+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0