CVE-2018-6003

An issue was discovered in the asn1decodesimpleber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS...

CVE-2018-6003

An issue was discovered in the asn1decodesimpleber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS...

DEBIAN-CVE-2016-4355

Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service crash via crafted BER data, which leads to a buffer overflow...

Stack overflow

ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service abort via crafted BER data...

CVE-2016-4355

Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service crash via crafted BER data, which leads to a buffer overflow...

CVE-2016-4354

CVE-2016-4354 affects Libksba prior to 1.3.3. The ber-decoder.c component uses an incorrect integer data type, allowing remote attackers to crash the process and cause a buffer overflow via crafted BER data. The issue is documented across multiple sources (OSV/OSVDEV, NVD references). Affected ve...

CVE-2015-5727

The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service memory consumption via unspecified vectors, related to a length field...

CVE-2015-5726

The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service application crash via an empty BIT STRING in ASN.1 data...

Code injection

The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service application crash via an empty BIT STRING in ASN.1 data...

UBUNTU-CVE-2015-5726

The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service application crash via an empty BIT STRING in ASN.1 data...

CVE-2015-5727

The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service memory consumption via unspecified vectors, related to a length field...

CVE-2015-5726

The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service application crash via an empty BIT STRING in ASN.1 data...

UBUNTU-CVE-2015-5727

The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service memory consumption via unspecified vectors, related to a length field...

Design/Logic Flaw

The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service memory consumption via unspecified vectors, related to a length field...

CVE-2015-5727

CVE-2015-5727 affects Botan BER decoder. Multiple connected advisories (Debian DSA-3565, OpenVAS NASL) confirm the issue: the BER decoder could allocate a large amount of memory when processing a length field, enabling a denial of service through memory exhaustion. Affected: Botan 1.10.x before 1...

CVE-2015-5726

Removed by vendor...

CVE-2015-5726

The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service application crash via an empty BIT STRING in ASN.1 data...

CVE-2015-5726

The CVE-2015-5726 issue affects Botan BER decoder: an empty BIT STRING in ASN.1 data can cause a remote denial of service (application crash) in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19. Debian advisories confirm fixes for botan1.10 in Jessie (upgrade to 1.10.8-2+deb8u1). If applicab...

CVE-2015-5727

The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service memory consumption via unspecified vectors, related to a length field...

Botan BER Decoder Denial of Service Vulnerability

Botan is a C++ library of cryptographic algorithms that supports AES, DES, SHA-1, RSA, DSA and Diffie-Hellman. The Botan BER decoder fails to properly allocate memory for the 'length' field, allowing remote attackers to exploit the vulnerability by submitting a special request to invoke the OOM...