CVE-2016-4353

Опубликовано: 08 апр. 2015

Источник: redhat

CVSS2: 2.6

Описание

ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	libksba	Will not fix
Red Hat Enterprise Linux 6	libksba	Will not fix
Red Hat Enterprise Linux 7	libksba	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-20

https://bugzilla.redhat.com/show_bug.cgi?id=1211261libksba: denial of service due to stack overflow in src/ber-decoder.c (push_decoder_state, pop_decoder_state)

2.6 Low

CVSS2

Связанные уязвимости

CVE-2016-4353

CVSS3: 7.5

ubuntu

больше 9 лет назад

ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.

CVE-2016-4353

CVSS3: 7.5

nvd

больше 9 лет назад

ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.

CVE-2016-4353

CVSS3: 7.5

debian

больше 9 лет назад

ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder ...

GHSA-qcgh-wvgp-7qgv

CVSS3: 7.5

github

больше 3 лет назад

ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.

2.6 Low

CVSS2