CVE-2011-4128

2011-12-08T20:55:00
ID CVE-2011-4128
Type cve
Reporter cve@mitre.org
Modified 2017-12-29T02:29:00

Description

Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via a large SessionTicket.