CVE-2005-1704
EPSS 0.22%
Description
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.
How to fix CVE-2005-1704
To remediate CVE-2005-1704, upgrade the affected package to a fixed version below.
- Debian/gdb—upgrade to 6.3-6 or later
Is CVE-2005-1704 being exploited?
Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 6.3-6