CVE-2020-35493
Description
A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.
- CVSS Version 3.1
- CVSS Version 2.0
nvd
CVE ID: CVE-2020-35493
Base Score: 5.5
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 1.8
nvd
CVE ID: CVE-2020-35493
Base Score: 4.3
Base Severity: MEDIUM
Vector String:AV:N/AC:M/Au:N/C:N/I:N/A:P
Refrence: NVD