CVE-2006-2362

Publication date 15 May 2006

Last updated 24 July 2024

Ubuntu priority

Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
binutils	7.04 feisty	Fixed 2.17-1ubuntu1
	6.10 edgy	Fixed 2.17-1ubuntu1
	6.06 LTS dapper	Fixed 2.16.1cvs20060117-1ubuntu2.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-292-1
binutils vulnerability
9 June 2006

Other references

https://www.cve.org/CVERecord?id=CVE-2006-2362