Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-4574

Опубликовано: 13 июн. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356.

РелизСтатусПримечание
devel

not-affected

1.3.4-3
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [1.3.0-3ubuntu0.14.04.2]]
esm-infra/xenial

released

1.3.3-1ubuntu0.16.04.1
precise

released

1.2.0-2ubuntu0.2
trusty

released

1.3.0-3ubuntu0.14.04.2
trusty/esm

DNE

trusty was released [1.3.0-3ubuntu0.14.04.2]
upstream

released

1.3.4-3
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

released

1.3.3-1ubuntu0.15.10.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 76%
0.00956
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-4574

redhat
больше 9 лет назад

Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356.

nvd логотип

CVE-2016-4574

CVSS3: 7.5
nvd
больше 9 лет назад

Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356.

debian логотип

CVE-2016-4574

CVSS3: 7.5
debian
больше 9 лет назад

Off-by-one error in the append_utf8_value function in the DN decoder ( ...

github логотип

GHSA-986h-5j8j-hgfc

CVSS3: 7.5
github
больше 3 лет назад

Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356.

suse-cvrf логотип

openSUSE-SU-2016:1525-1

suse-cvrf
больше 9 лет назад

Security update for libksba

EPSS

Процентиль: 76%
0.00956
Низкий

5 Medium

CVSS2

7.5 High

CVSS3