Remote Denial of Service Vulnerability in NASM 2.14rc0: Illegal Address Access in paste_tokens() Function

Remote Denial of Service Vulnerability in NASM 2.14rc0: Illegal Address Access in paste_tokens() Function

CVE-2017-14228 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function paste_tokens() in preproc.c, aka a NULL pointer dereference. It will lead to remote denial of service.

Learn more about our Web Application Penetration Testing UK.