CVE-2004-1287

NASM 0.98.38-1.2 - Buffer Overflow in preproc.c Error Function

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1287. PoCs published by Jonathan Rockway.

AI-analyzed exploit summary The provided text describes a buffer overflow vulnerability in NASM (Netwide Assembler) when processing malformed '%error' preprocessor directives. Successful exploitation could lead to arbitrary code execution with the privileges of the user running the application.

Description

Buffer overflow in the error function in preproc.c for NASM 0.98.38 1.2 allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2005-1194.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Jonathan Rockway · textremotelinux
https://www.exploit-db.com/exploits/25005

The provided text describes a buffer overflow vulnerability in NASM (Netwide Assembler) when processing malformed '%error' preprocessor directives. Successful exploitation could lead to arbitrary code execution with the privileges of the user running the application.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: NASM (version not specified)
No auth needed
Prerequisites: A malformed source file with a crafted '%error' directive
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Not Applicable vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2005-381.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18540
Exploit, Vendor Advisory x_refsource_misc
http://tigger.uic.edu/~jlongs2/holes/nasm.txt

Scores

EPSS 0.1788
EPSS Percentile 96.8%

Details

CWE
CWE-787
Status published
Products (1)
nasm/netwide_assembler 0.98.38
Published Jan 10, 2005
Tracked Since Feb 18, 2026