Lucene search

K
cveMitreCVE-2006-5111
HistoryOct 03, 2006 - 4:03 a.m.

CVE-2006-5111

2006-10-0304:03:00
mitre
web.nvd.nist.gov
24
libksba
gpgsm
denial of service
application crash
x.509 certificate
vulnerability
nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

High

EPSS

0.05

Percentile

92.9%

The libksba library 0.9.12 and possibly other versions, as used by gpgsm in the newpg package on SUSE LINUX, allows attackers to cause a denial of service (application crash) via a malformed X.509 certificate in a signature.

Affected configurations

Nvd
Node
libksba_librarylibksba_libraryMatch0.9.12
VendorProductVersionCPE
libksba_librarylibksba_library0.9.12cpe:2.3:a:libksba_library:libksba_library:0.9.12:*:*:*:*:*:*:*

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.3

Confidence

High

EPSS

0.05

Percentile

92.9%