CVE-2017-12450

7.8HIGH

Key Information

Vendor: Gnu
Status: Binutils
Vendor: CVE Published:; 3 October 2022

Summary

The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file.

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published.
Oct 3, 2022
Vulnerability Reserved.
Oct 3, 2022

Collectors

NVD DatabaseMitre Database