CVE-2005-1704

Publication date 24 May 2005

Last updated 24 July 2024

Ubuntu priority

Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
binutils	7.04 feisty	Not affected
	6.10 edgy	Not affected
	6.06 LTS dapper	Not affected
gdb	7.04 feisty	Fixed 6.4.90.dfsg-1ubuntu3
	6.10 edgy	Fixed 6.4.90.dfsg-1ubuntu3
	6.06 LTS dapper	Fixed 6.4-1ubuntu5.1
gdb-doc	7.04 feisty	Fixed 6.4.90-1
	6.10 edgy	Fixed 6.4.90-1
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-135-1
gdb vulnerabilities
27 May 2005

USN-136-1
binutils vulnerability
27 May 2005

Other references

https://www.cve.org/CVERecord?id=CVE-2005-1704