CVE-2018-1000667

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file..
Configurations

Configuration 1

cpe:2.3:a:nasm:netwide_assembler:*:*:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc15:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc1:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc2:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc3:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc4:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc5:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc6:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc7:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc8:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc9:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc10:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc11:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc12:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc13:*:*:*:*:*:*
cpe:2.3:a:nasm:netwide_assembler:2.14.0:rc14:*:*:*:*:*:*

Information

Published : 2018-09-06 05:29

Updated : 2020-07-13 09:15


NVD link : CVE-2018-1000667

Mitre link : CVE-2018-1000667

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer