CVE-2016-4354

Опубликовано: 13 июн. 2016

Источник: ubuntu

Приоритет: medium

CVSS2: 5

CVSS3: 7.5

Описание

ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.

Релиз	Статус	Примечание
devel	not-affected
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [1.3.0-3ubuntu0.14.04.2]]
esm-infra/xenial	not-affected
precise	released	1.2.0-2ubuntu0.2
trusty	released	1.3.0-3ubuntu0.14.04.2
trusty/esm	DNE	trusty was released [1.3.0-3ubuntu0.14.04.2]
upstream	released	1.3.3-1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	not-affected	1.3.3-1

Показывать по

Ссылки на источники

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2016-4354

redhat

почти 11 лет назад

ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.

CVE-2016-4354

CVSS3: 7.5

nvd

больше 9 лет назад

ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.

CVE-2016-4354

CVSS3: 7.5

debian

больше 9 лет назад

ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data t ...

GHSA-35f2-fx5v-8568

CVSS3: 7.5

github

больше 3 лет назад

ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2016-4354

Описание

Пакет libksba

Ссылки на источники

Связанные уязвимости