CVE-2014-8737

Low CVSS 3.6

Overview

Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) or full path name in an archive to ar.

CWE: CWE-22 Published: 2014-12-09T23:59:07.097

Risk analysis

This vulnerability is rated 🟢 LOW.

CVSS: 3.6 (LOW)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags