Lucene search
MitreCVELIST:CVE-2015-1182HistoryJan 27, 2015 - 3:00 p.m.
CVE-2015-1182
2015-01-2715:00:00
mitre
www.cve.org
7
The asn1_get_sequence_of function in library/asn1parse.c in PolarSSL 1.0 through 1.2.12 and 1.3.x through 1.3.9 does not properly initialize a pointer in the asn1_sequence linked list, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ASN.1 sequence in a certificate.
References
lists.fedoraproject.org/pipermail/package-announce/2015-January/148829.html
lists.fedoraproject.org/pipermail/package-announce/2015-January/148903.html
lists.opensuse.org/opensuse-updates/2015-02/msg00003.html
secunia.com/advisories/62270
secunia.com/advisories/62610
www.debian.org/security/2015/dsa-3136
polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-04
security.gentoo.org/glsa/201801-15
Related
mageia
mageia
Updated polarssl packages fix CVE-2015-1182
2015-02-10 00:44:14
Updated polarssl & hiawatha packages fix security vulnerabilities
2015-05-05 16:36:50
fedora
fedora
[SECURITY] Fedora 21 Update: polarssl-1.3.9-3.fc21
2015-01-30 04:41:21
[SECURITY] Fedora 20 Update: polarssl-1.2.12-3.fc20
2015-01-30 04:31:47
nessus
nessus
PolarSSL 'asn1_get_sequence_of' Function Uninitialized Pointer RCE
2015-01-28 00:00:00
Debian DLA-144-1 : polarssl security update
2015-03-26 00:00:00
Debian DSA-3136-1 : polarssl - security update
2015-01-26 00:00:00
nvd
nvd
CVE-2015-1182
2015-01-27 20:59:14
debian
debian
[SECURITY] [DLA 144-1] polarssl security update
2015-01-29 18:54:45
[SECURITY] [DSA 3136-1] polarssl security update
2015-01-24 09:22:14
[SECURITY] [DSA 3136-1] polarssl security update
2015-01-24 09:22:14
openvas
openvas
Fedora Update for polarssl FEDORA-2015-1045
2015-01-31 00:00:00
Debian: Security Advisory (DLA-144-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-3136-1)
2015-01-23 00:00:00
cve
cve
CVE-2015-1182
2015-01-27 20:59:14
osv
osv
polarssl - security update
2015-01-29 00:00:00
polarssl - security update
2015-01-24 00:00:00
libmbedcrypto0-2.4.0-1.2 on GA media
2024-06-15 00:00:00
archlinux
archlinux
polarssl: remote code execution
2015-01-20 00:00:00
prion
prion
Null pointer dereference
2015-01-27 20:59:00
freebsd
freebsd
polarssl -- Remote attack using crafted certificates
2015-01-14 00:00:00
ubuntucve
ubuntucve
CVE-2015-1182
2015-01-27 00:00:00
gentoo
gentoo
PolarSSL: Multiple vulnerabilities
2018-01-15 00:00:00