CVE-2017-12966

2017-08-2016:29:00

Google

osv.dev

6.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.9%

JSON

The asn1f_lookup_symbol_impl function in asn1fix_retrieve.c in libasn1fix.a in asn1c 0.9.28 allows remote attackers to cause a denial of service (segmentation fault) via a crafted .asn1 file.

CPENameOperatorVersion
asn1ceq0.9.27
asn1ceq0.9.28
asn1ceq0.9.26

Name	Operator	Version
asn1c	eq	0.9.27
asn1c	eq	0.9.28
asn1c	eq	0.9.26

References

drive.google.com/open?id=0B9DojFnTUSNGd05zSHI1RmpKQjQ