Search for vulnerabilities
Vulnerability details: VCID-qepk-xtpa-aaan
Vulnerability ID VCID-qepk-xtpa-aaan
Aliases CVE-2005-1704
Summary Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
Status Published
Exploitability 0.5
Weighted Severity 4.1
Risk 2.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-189 Numeric Errors
System Score Found at
rhas Low https://access.redhat.com/errata/RHSA-2005:659
rhas Low https://access.redhat.com/errata/RHSA-2005:673
rhas Low https://access.redhat.com/errata/RHSA-2005:709
rhas Low https://access.redhat.com/errata/RHSA-2005:763
rhas Low https://access.redhat.com/errata/RHSA-2005:801
rhas Low https://access.redhat.com/errata/RHSA-2006:0354
rhas Low https://access.redhat.com/errata/RHSA-2006:0368
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00116 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00222 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
epss 0.00371 https://api.first.org/data/v1/epss?cve=CVE-2005-1704
cvssv2 4.6 https://nvd.nist.gov/vuln/detail/CVE-2005-1704
Reference id Reference type URL
ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
http://bugs.gentoo.org/show_bug.cgi?id=91398
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001060
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1704.json
https://api.first.org/data/v1/epss?cve=CVE-2005-1704
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704
http://secunia.com/advisories/15527
http://secunia.com/advisories/17001
http://secunia.com/advisories/17072
http://secunia.com/advisories/17135
http://secunia.com/advisories/17257
http://secunia.com/advisories/17356
http://secunia.com/advisories/17718
http://secunia.com/advisories/18506
http://secunia.com/advisories/21122
http://secunia.com/advisories/21262
http://secunia.com/advisories/21717
http://secunia.com/advisories/24788
http://security.gentoo.org/glsa/glsa-200505-15.xml
http://securitytracker.com/id?1016544
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9071
http://support.avaya.com/elmodocs2/security/ASA-2005-222.pdf
http://support.avaya.com/elmodocs2/security/ASA-2006-015.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-178.htm
https://usn.ubuntu.com/136-1/
http://www.gentoo.org/security/en/glsa/glsa-200506-01.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:095
http://www.mandriva.com/security/advisories?name=MDKSA-2005:215
http://www.osvdb.org/16757
http://www.redhat.com/support/errata/RHSA-2005-659.html
http://www.redhat.com/support/errata/RHSA-2005-673.html
http://www.redhat.com/support/errata/RHSA-2005-709.html
http://www.redhat.com/support/errata/RHSA-2005-763.html
http://www.redhat.com/support/errata/RHSA-2005-801.html
http://www.redhat.com/support/errata/RHSA-2006-0354.html
http://www.redhat.com/support/errata/RHSA-2006-0368.html
http://www.securityfocus.com/archive/1/464745/100/0/threaded
http://www.securityfocus.com/bid/13697
http://www.trustix.org/errata/2005/0025/
http://www.vmware.com/support/vi3/doc/esx-55052-patch.html
http://www.vupen.com/english/advisories/2007/1267
cpe:2.3:a:gnu:gdb:*:r2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:gdb:*:r2:*:*:*:*:*:*
CVE-2005-1704 https://nvd.nist.gov/vuln/detail/CVE-2005-1704
GLSA-200505-15 https://security.gentoo.org/glsa/200505-15
GLSA-200506-01 https://security.gentoo.org/glsa/200506-01
RHBA-2005:675 https://bugzilla.redhat.com/show_bug.cgi?id=1617660
RHSA-2005:659 https://access.redhat.com/errata/RHSA-2005:659
RHSA-2005:673 https://access.redhat.com/errata/RHSA-2005:673
RHSA-2005:709 https://access.redhat.com/errata/RHSA-2005:709
RHSA-2005:763 https://access.redhat.com/errata/RHSA-2005:763
RHSA-2005:801 https://access.redhat.com/errata/RHSA-2005:801
RHSA-2006:0354 https://access.redhat.com/errata/RHSA-2006:0354
RHSA-2006:0368 https://access.redhat.com/errata/RHSA-2006:0368
USN-135-1 https://usn.ubuntu.com/135-1/
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2005-1704
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.46498
EPSS Score 0.00116
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.