CVE-2014-3465

2014-06-10T14:55:00
ID CVE-2014-3465
Type cve
Reporter cve@mitre.org
Modified 2017-12-29T02:29:00

Description

The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN. Per http://cwe.mitre.org/data/definitions/476.html "CWE-476: NULL Pointer Dereference"