Lucene search

K
debianDebianDEBIAN:DLA-195-1:84626
HistoryApr 12, 2015 - 5:37 p.m.

[SECURITY] [DLA 195-1] libtasn1-3 security update

2015-04-1217:37:44
lists.debian.org
11

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

High

EPSS

0.014

Percentile

86.2%

Package : libtasn1-3
Version : 2.7-1+squeeze+3
CVE ID : CVE-2015-2806

Hanno Boeck discovered a stack-based buffer overflow in the
asn1_der_decoding function in Libtasn1, a library to manage ASN.1
structures. A remote attacker could take advantage of this flaw to cause
an application using the Libtasn1 library to crash, or potentially to
execute arbitrary code.

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

High

EPSS

0.014

Percentile

86.2%