CVE-2020-17487

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
11/08/2020
Last modified:
07/11/2023

Description

radare2 4.5.0 misparses signature information in PE files, causing a segmentation fault in r_x509_parse_algorithmidentifier in libr/util/x509.c. This is due to a malformed object identifier in IMAGE_DIRECTORY_ENTRY_SECURITY.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:radare:radare2:4.5.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*