CVE-2015-0537

Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite MES 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-C Micro Edition Crypto-C ME before 4.0.4 and 4.1, and RSA BSAFE SSL-C 2.8.9 and earlier allows remote attackers to cause a denial of service...

Integer overflow

Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite MES 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-C Micro Edition Crypto-C ME before 4.0.4 and 4.1, and RSA BSAFE SSL-C 2.8.9 and earlier allows remote attackers to cause a denial of service...

CVE-2015-0537

Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite MES 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-C Micro Edition Crypto-C ME before 4.0.4 and 4.1, and RSA BSAFE SSL-C 2.8.9 and earlier allows remote attackers to cause a denial of service...

openssl: integer underflow leading to buffer overflow in base64 decoding

An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input such as a PEM file could use this flaw to cause the application to...

openssl: integer underflow leading to buffer overflow in base64 decoding

An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input such as a PEM file could use this flaw to cause the application to...

OpenSSL 'EVP_DecodeUpdate' Denial of Service Vulnerability

OpenSSL is an open source implementation of SSL used to enable strong encryption of network communications and is now widely used in a variety of web applications. A denial of service vulnerability exists in OpenSSL. Due to an integer underflow within the EVPDecodeUpdate function located within...

SuSE 11.3 Security Update : OpenSSL (SAT Patch Number 10470)

OpenSSL has been updated to fix various security issues : - A segmentation fault in ASN1TYPEcmp was fixed that could be exploited by attackers when e.g. client authentication is used. This could be exploited over SSL connections. CVE-2015-0286 - A ASN.1 structure reuse memory corruption was fixed...

Debian DSA-3197-1 : openssl - security update

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2015-0286 Stephen Henson discovered that the ASN1TYPEcmp function can be crashed, resulting in denial of service. -...

CVE-2015-0292

Integer underflow in the EVPDecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact v...

CVE-2015-0292

Integer underflow in the EVPDecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact v...

USN-2537-1 openssl vulnerabilities

It was discovered that OpenSSL incorrectly handled malformed EC private key files. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or execute arbitrary code. CVE-2015-0209 Stephen Henson discovered that OpenSSL incorrectly handled...

DSA-3197-1 openssl - security update

Bulletin has no description...

CVE-2015-0292

CVE-2015-0292: OpenSSL base64 decoding underflow leading to memory corruption/DoS. Affects OpenSSL prior to 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h. Exploitation via crafted Base64 input (e.g., PEM data) could crash the app; upstream and distro advisories (e.g., RHSA-2015:0715/0716,...

Debian Security Advisory DSA 3197-1 (openssl - security update)

Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2015-0286 Stephen Henson discovered that the ASN1TYPEcmp function can be crashed, resulting in denial of service...

UBUNTU-CVE-2015-0292

Integer underflow in the EVPDecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact v...

Nucom ADSL ADSLR5000UN - ISP Credentials Disclosure

Nucom ADSL ADSLR5000UN - ISP Credentials Disclosure !/usr/bin/perl Exploit Author: Sebastián Magof Hardware: Modem Nucom ADSL R5000UNv2 Software Version: R5TC008 Vulnerable file: guidewan.html location: http://gateway/telecomGUI/guidewan.html Bug: ISP usr+pwd disclosure Type: Local Date: 24/09/20...

UBUNTU-CVE-2014-1725

The base64DecodeInternal function in wtf/text/Base64.cpp in Blink, as used in Google Chrome before 34.0.1847.116, does not properly handle string data composed exclusively of whitespace characters, which allows remote attackers to cause a denial of service out-of-bounds read via a window.atob...

CVE-2014-1725

Removed by vendor...

Oracle Linux 4 : pidgin (ELSA-2010-0788)

From Red Hat Security Advisory 2010:0788 : Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

Microsoft Exchange Server MIME Base64 Decoding Code Execution (MS07-026; CVE-2007-0213) - Improved Performance

A vulnerability exists in the way Microsoft Exchange servers process certain MIME-encoded attachments. An attacker can exploit this vulnerability for code execution in SYSTEM security context...