Skip to main content

Netwide Assembler CVE-2018-16517

MEDIUM
NULL Pointer Dereference (CWE-476)
2018-09-06 cve@mitre.org
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Sep 06, 2018 - 23:29 nvd
MEDIUM 5.5

DescriptionNVD

asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file.

AnalysisAI

asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as NULL Pointer Dereference (CWE-476), which allows attackers to crash the application by dereferencing a null pointer. asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file. Affected products include: Nasm Netwide Assembler.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Check pointers before dereferencing. Use static analysis tools to detect null pointer paths.

CVE-2020-24978 CRITICAL POC
9.8 Sep 04

In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/preproc.c. Rated critical severity (CVSS 9.8)

CVE-2017-10686 HIGH POC
7.8 Jun 29

In Netwide Assembler (NASM) 2.14rc0, there are multiple heap use after free vulnerabilities in the tool nasm. Rated high

CVE-2023-31722 HIGH POC
7.8 May 17

There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891). Rated high severity (CVSS 7.8), this vu

CVE-2019-8343 HIGH POC
7.8 Feb 15

In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c. Rated high severity (CV

CVE-2018-19216 HIGH POC
7.8 Nov 12

Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c. Rated high severity (CVSS 7.8)

CVE-2018-19215 HIGH POC
7.8 Nov 12

Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the speci

CVE-2018-19214 HIGH POC
7.8 Nov 12

Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insuffici

CVE-2018-10254 HIGH POC
7.8 Apr 21

Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Rat

CVE-2017-17818 HIGH POC
7.5 Dec 21

In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service a

CVE-2017-17819 MEDIUM POC
5.5 Dec 21

In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that

CVE-2017-17815 MEDIUM POC
5.5 Dec 21

In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause

CVE-2017-17812 MEDIUM POC
5.5 Dec 21

In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read in the function detoken() in asm/preproc.c t

Share

CVE-2018-16517 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy