[Secure-testing-team] Integer overflow in applications parsing ELF headers
Andrew Pollock
apollock at debian.org
Wed May 11 12:05:36 UTC 2005
On Wed, May 11, 2005 at 01:05:01PM +0200, Moritz Muehlenhoff wrote:
> Hi,
> It's been discovered that a wide range of applications parsing ELF segment
> headers are vulnerable to an integer overflow when allocating memory for
> segment headers. Applications already known to be affected are:
> binutils
> elfutils
> gdb
> ht (already filed a minute ago)
> prelink
>
> Are there other applications inside Debian embedding BFD or parsing ELF
> binaries with their own code?
>
Potentially elfsign.
regards
Andrew
More information about the Secure-testing-team
mailing list