Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-4487

Опубликовано: 20 нояб. 2013
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-4466.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gnu:gnutls:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.2.5:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:gnu:gnutls:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.8:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.9:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.10:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.11:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.12:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.13:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.14:*:*:*:*:*:*:*
cpe:2.3:a:gnu:gnutls:3.1.15:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

EPSS

Процентиль: 56%
0.00337
Низкий

5 Medium

CVSS2

Дефекты

CWE-189

Связанные уязвимости

ubuntu логотип

CVE-2013-4487

ubuntu
около 12 лет назад

Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-4466.

redhat логотип

CVE-2013-4487

redhat
больше 12 лет назад

Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-4466.

debian логотип

CVE-2013-4487

debian
около 12 лет назад

Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in ...

github логотип

GHSA-h477-mjwp-rx3j

github
больше 3 лет назад

Off-by-one error in the dane_raw_tlsa in the DANE library (libdane) in GnuTLS 3.1.x before 3.1.16 and 3.2.x before 3.2.6 allows remote servers to cause a denial of service (memory corruption) via a response with more than four DANE entries. NOTE: this issue is due to an incomplete fix for CVE-2013-4466.

EPSS

Процентиль: 56%
0.00337
Низкий

5 Medium

CVSS2

Дефекты

CWE-189