Remote Code Execution via Crafted ELF Section Group Headers
CVE-2014-8485 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file.
Learn more about our Web Application Penetration Testing UK.