CVE-2019-20352
Description
In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occurs (via a crafted .asm file) in set_text_free when called from expand_one_smacro in asm/preproc.c.
- CVSS Version 3.1
- CVSS Version 2.0
nvd
CVE ID: CVE-2019-20352
Base Score: 7.1
Base Severity: HIGH
Vector String:CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Impact Score: 5.2
Exploitability Score: 1.8
nvd
CVE ID: CVE-2019-20352
Base Score: 5.8
Base Severity: MEDIUM
Vector String:AV:N/AC:M/Au:N/C:P/I:N/A:P
Refrence: NVD