An Integer overflow in the getElfSections function in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an allocation of excessive memory.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-07-27T18:40:33
Updated: 2024-08-05T00:12:43.398Z
Reserved: 2019-07-27T00:00:00
Link: CVE-2019-14295
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-07-27T19:15:12.050
Modified: 2024-11-21T04:26:23.827
Link: CVE-2019-14295
Redhat
No data.