Search for vulnerabilities
Vulnerability details: VCID-pjjk-3wgs-aaap
Vulnerability ID VCID-pjjk-3wgs-aaap
Aliases CVE-2017-14745
Summary The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.
Status Published
Exploitability 0.5
Weighted Severity 7.0
Risk 3.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-190 Integer Overflow or Wraparound
System Score Found at
generic_textual Low http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-14745.html
cvssv3 3.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14745.json
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00114 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00145 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00263 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00325 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00325 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
epss 0.00325 https://api.first.org/data/v1/epss?cve=CVE-2017-14745
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1500245
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14745
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2017-14745
cvssv3 7.8 https://nvd.nist.gov/vuln/detail/CVE-2017-14745
generic_textual Low https://sourceware.org/bugzilla/show_bug.cgi?id=22148
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-14745.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14745.json
https://api.first.org/data/v1/epss?cve=CVE-2017-14745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14745
https://sourceware.org/bugzilla/show_bug.cgi?id=22148
1500245 https://bugzilla.redhat.com/show_bug.cgi?id=1500245
cpe:2.3:a:gnu:binutils:2.29:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.29:*:*:*:*:*:*:*
CVE-2017-14745 https://nvd.nist.gov/vuln/detail/CVE-2017-14745
No exploits are available.
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14745.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2017-14745
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2017-14745
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.27054
EPSS Score 0.00114
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.