4666 matches found
GNU Libtasn1 'decoding.c' Heap Buffer Overflow Vulnerability
GNU Libtasn1 is a stand-alone library written in C for manipulating ASN.1 objects that include DER/BER encoding and decoding. A heap buffer overflow vulnerability exists in the asn1extractderoctet function of GNU Libtasn1 lib/decoding.c. A remote attacker could cause a denial of service by...
Design/Logic Flaw
The asn1extractderoctet function in lib/decoding.c in GNU Libtasn1 before 4.5 allows remote attackers to cause a denial of service out-of-bounds heap read via a crafted certificate...
[SECURITY] [DSA 3254-1] suricata security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3254-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 09, 2015 http://www.debian.org/security/faq -...
Mandriva Linux Security Advisory : libtasn1 (MDVSA-2015:232)
Updated libtasn1 packages fix security vulnerability : A malformed certificate input could cause a heap overflow read in the DER decoding functions of Libtasn1. The heap overflow happens in the function asn1extractderoctet CVE-2015-3622. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
libtasn1 buffer overflow
Heap buffer overflow on DER decoding...
[ MDVSA-2015:232 ] libtasn1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:232 http://www.mandriva.com/en/support/security/ Package : libtasn1 Date : May 8, 2015 Affected: Business Server 1.0, Business Server 2.0 Problem Description: Updated libtasn1 packages fix security...
Updated libtasn1 packages fix CVE-2015-3622
Updated libtasn1 packages fix security vulnerability: A malformed certificate input could cause a heap overflow read in the DER decoding functions of Libtasn1. The heap overflow happens in the function asn1extractderoctet CVE-2015-3622...
MGASA-2015-0200 Updated libtasn1 packages fix CVE-2015-3622
Updated libtasn1 packages fix security vulnerability: A malformed certificate input could cause a heap overflow read in the DER decoding functions of Libtasn1. The heap overflow happens in the function asn1extractderoctet CVE-2015-3622...
UBUNTU-CVE-2015-3417
Use-after-free vulnerability in the ffh264freetables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that references...
[SECURITY] Fedora 22 Update: libtasn1-4.4-1.fc22
A library that provides Abstract Syntax Notation One ASN.1, as specified by the X.680 ITU-T recommendation parsing and structures management, and Distinguished Encoding Rules DER, as per X.690 encoding and decoding func tions...
[ MDVSA-2015:199 ] less
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:199 http://www.mandriva.com/en/support/security/ Package : less Date : April 10, 2015 Affected: Business Server 1.0, Business Server 2.0 Problem Description: Updated less package fixes security vulnerability...
openssl: integer underflow leading to buffer overflow in base64 decoding
An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input such as a PEM file could use this flaw to cause the application to...
libtasn1 stack buffer overflow vulnerability
Libtasn1 is a C library from the GNU project for developing ASN.1 Abstract Syntax Notation One, a standard for describing the representation, encoding, transmission, and decoding of data structure management. A stack buffer overflow vulnerability exists in the asn1derdecoding function in versions...
DEBIAN-CVE-2015-2806
Stack-based buffer overflow in asn1derdecoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors...
APPLE-SA-2015-04-08-1 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-04-08-1 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5 Safari 8.0.5, Safari 7.1.5, and Safari 6.2.5 are now available and address the following: Safari Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite...
DEBIAN-CVE-2015-2756
QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service non-maskable interrupt and host crash by disabling the 1 memory or 2 I/O decoding for a PCI Express device and then accessing...
UBUNTU-CVE-2015-2756
QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service non-maskable interrupt and host crash by disabling the 1 memory or 2 I/O decoding for a PCI Express device and then accessing...
UBUNTU-CVE-2015-2806
Stack-based buffer overflow in asn1derdecoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors...
openssl: integer underflow leading to buffer overflow in base64 decoding
An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input such as a PEM file could use this flaw to cause the application to...
Debian DLA-154-1 : nss security update (BEAST)
nss 3.12.8-1+squeeze11 fixes two security issues : CVE-2011-3389 SSL 3.0 and TLS 1.0 connections were vulnerable to some chosen plaintext attacks which allowed man-in-the middle attackers to obtain plaintext HTTP headers on an HTTPS session. This issue is known as the 'BEAST' attack. CVE-2014-156...