Описание
Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected] |
| lucid | not-affected | |
| precise | not-affected | |
| trusty | not-affected | |
| trusty/esm | DNE | trusty was not-affected |
| upstream | needs-triage | |
| utopic | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.3.2-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.3.0-3ubuntu0.14.04.1]] |
| lucid | ignored | end of life |
| precise | released | 1.2.0-2ubuntu0.1 |
| trusty | released | 1.3.0-3ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [1.3.0-3ubuntu0.14.04.1] |
| upstream | released | 1.3.2-1 |
| utopic | released | 1.3.0-3ubuntu0.14.10.1 |
Показывать по
7.5 High
CVSS2
Связанные уязвимости
Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow.
Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow.
Integer underflow in the ksba_oid_to_str function in Libksba before 1. ...
Integer underflow in the ksba_oid_to_str function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service (crash) via a crafted OID in a (1) S/MIME message or (2) ECC based OpenPGP data, which triggers a buffer overflow.
7.5 High
CVSS2