Lucene search

K
mageiaGentoo FoundationMGASA-2015-0200
HistoryMay 06, 2015 - 8:44 p.m.

Updated libtasn1 packages fix CVE-2015-3622

2015-05-0620:44:06
Gentoo Foundation
advisories.mageia.org
11

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

EPSS

0.924

Percentile

99.0%

Updated libtasn1 packages fix security vulnerability: A malformed certificate input could cause a heap overflow read in the DER decoding functions of Libtasn1. The heap overflow happens in the function _asn1_extract_der_octet() (CVE-2015-3622).

OSVersionArchitecturePackageVersionFilename
Mageia4noarchlibtasn1< 3.6-1.2libtasn1-3.6-1.2.mga4

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

EPSS

0.924

Percentile

99.0%