Tiny ASN.1 Library (libtasn1) prior to 0.2.18, as used by (1) GnuTLS 1.2.x prior to 1.2.10 and 1.3.x prior to 1.3.4, and (2) GNU Shishi, allows malicious users to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid input, as demonstrated by the ProtoVer SSL test suite.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
free software foundation inc. libtasn1 0.2.0 |
||
free software foundation inc. libtasn1 0.2.1 |
||
free software foundation inc. libtasn1 0.2.17 |
||
free software foundation inc. libtasn1 0.2.2 |
||
free software foundation inc. libtasn1 0.2.9 |
||
free software foundation inc. libtasn1 0.1.1 |
||
free software foundation inc. libtasn1 0.1.2 |
||
free software foundation inc. libtasn1 0.2.14 |
||
free software foundation inc. libtasn1 0.2.15 |
||
free software foundation inc. libtasn1 0.2.16 |
||
free software foundation inc. libtasn1 0.2.7 |
||
free software foundation inc. libtasn1 0.2.8 |
||
free software foundation inc. libtasn1 0.2.10 |
||
free software foundation inc. libtasn1 0.2.11 |
||
free software foundation inc. libtasn1 0.2.3 |
||
free software foundation inc. libtasn1 0.2.4 |
||
free software foundation inc. libtasn1 0.1.0 |
||
free software foundation inc. libtasn1 0.2.12 |
||
free software foundation inc. libtasn1 0.2.13 |
||
free software foundation inc. libtasn1 0.2.5 |
||
free software foundation inc. libtasn1 0.2.6 |