CVE-2017-20228

Flat Assembler 1.71.21 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input to the application. Attackers can craft malicious assembly input exceeding 5895 bytes to overwrite the instruction pointer and execute return-oriented programming chains for shell command execution.

CVSS v3 8.4 HIGH

8.4^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.5 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
http://www.flatassembler.net	Product
https://www.exploit-db.com/exploits/42265	Exploit VDB Entry
https://www.vulncheck.com/advisories/flat-assembler-stack-based-buffer-overflow-rop	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:flatassembler:flat_assembler:*:*:*:*:*:*:*:*

History

02 Apr 2026, 19:20

Type	Values Removed	Values Added
Summary		(es) Flat Assembler 1.71.21 contiene una vulnerabilidad de desbordamiento de búfer basado en pila que permite a atacantes locales ejecutar código arbitrario al proporcionar una entrada de tamaño excesivo a la aplicación. Los atacantes pueden crear una entrada de ensamblador maliciosa que exceda los 5895 bytes para sobrescribir el puntero de instrucción y ejecutar cadenas de programación orientada a retorno para la ejecución de comandos de shell.
CPE		cpe:2.3:a:flatassembler:flat_assembler::::::::
First Time		Flatassembler Flatassembler flat Assembler
References	~~() http://www.flatassembler.net -~~	() http://www.flatassembler.net - Product
References	~~() https://www.exploit-db.com/exploits/42265 -~~	() https://www.exploit-db.com/exploits/42265 - Exploit, VDB Entry
References	~~() https://www.vulncheck.com/advisories/flat-assembler-stack-based-buffer-overflow-rop -~~	() https://www.vulncheck.com/advisories/flat-assembler-stack-based-buffer-overflow-rop - Third Party Advisory

28 Mar 2026, 12:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-03-28 12:16

Updated : 2026-04-02 19:20

NVD link : CVE-2017-20228

Mitre link : CVE-2017-20228

CVE.ORG link : CVE-2017-20228

JSON object : View

Products Affected

flatassembler

flat_assembler

CWE

CWE-787

Out-of-bounds Write

{"id": "CVE-2017-20228", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}], "cvssMetricV40": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.6, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-03-28T12:16:02.200", "references": [{"url": "http://www.flatassembler.net", "tags": ["Product"], "source": "disclosure@vulncheck.com"}, {"url": "https://www.exploit-db.com/exploits/42265", "tags": ["Exploit", "VDB Entry"], "source": "disclosure@vulncheck.com"}, {"url": "https://www.vulncheck.com/advisories/flat-assembler-stack-based-buffer-overflow-rop", "tags": ["Third Party Advisory"], "source": "disclosure@vulncheck.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "disclosure@vulncheck.com", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "Flat Assembler 1.71.21 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input to the application. Attackers can craft malicious assembly input exceeding 5895 bytes to overwrite the instruction pointer and execute return-oriented programming chains for shell command execution."}, {"lang": "es", "value": "Flat Assembler 1.71.21 contiene una vulnerabilidad de desbordamiento de b\u00fafer basado en pila que permite a atacantes locales ejecutar c\u00f3digo arbitrario al proporcionar una entrada de tama\u00f1o excesivo a la aplicaci\u00f3n. Los atacantes pueden crear una entrada de ensamblador maliciosa que exceda los 5895 bytes para sobrescribir el puntero de instrucci\u00f3n y ejecutar cadenas de programaci\u00f3n orientada a retorno para la ejecuci\u00f3n de comandos de shell."}], "lastModified": "2026-04-02T19:20:02.873", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:flatassembler:flat_assembler:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DEEC000-D1CF-4598-83AC-866E75E5EF93", "versionEndIncluding": "1.71.21"}], "operator": "OR"}]}], "sourceIdentifier": "disclosure@vulncheck.com"}