Vulnerabilities > CVE-2018-16517 - NULL Pointer Dereference vulnerability in Nasm Netwide Assembler
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Exploit-Db
| file | exploits/multiple/dos/46726.txt |
| id | EDB-ID:46726 |
| last seen | 2019-04-18 |
| modified | 2019-04-18 |
| platform | multiple |
| port | |
| published | 2019-04-18 |
| reporter | Exploit-DB |
| source | https://www.exploit-db.com/download/46726 |
| title | Netwide Assembler (NASM) 2.14rc15 - NULL Pointer Dereference (PoC) |
| type | dos |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/152566/netwideassembler214rc15-poc.txt |
| id | PACKETSTORM:152566 |
| last seen | 2019-04-19 |
| published | 2019-04-18 |
| reporter | Fakhri Zulkifli |
| source | https://packetstormsecurity.com/files/152566/Netwide-Assembler-NASM-2.14rc15-Null-Pointer-Dereference.html |
| title | Netwide Assembler (NASM) 2.14rc15 Null Pointer Dereference |
References
- https://fakhrizulkifli.github.io/CVE-2018-16517.html
- https://bugzilla.nasm.us/show_bug.cgi?id=3392513
- https://www.exploit-db.com/exploits/46726/
- http://packetstormsecurity.com/files/152566/Netwide-Assembler-NASM-2.14rc15-Null-Pointer-Dereference.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00017.html
- http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00015.html