Lucene search

K
nvd[email protected]NVD:CVE-2015-3622
HistoryMay 12, 2015 - 7:59 p.m.

CVE-2015-3622

2015-05-1219:59:24
CWE-119
web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

5.4

Confidence

High

EPSS

0.924

Percentile

99.0%

The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted certificate.

Affected configurations

NVD
Node
opensuseopensuseMatch13.2
Node
fedoraprojectfedoraMatch21
Node
gnulibtasn1Range4.4

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

5.4

Confidence

High

EPSS

0.924

Percentile

99.0%