Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2014-3467

Published: 05/06/2014 Updated: 16/11/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Gnu

Vulnerability Summary

Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 prior to 3.6, as used in GnuTLS, allow remote malicious users to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gnu gnutls

gnu libtasn1

redhat virtualization 6.0

debian debian linux 7.0

redhat enterprise linux desktop 5.0

redhat enterprise linux desktop 6.0

redhat enterprise linux desktop 7.0

redhat enterprise linux eus 6.5

redhat enterprise linux eus 7.3

redhat enterprise linux eus 7.4

redhat enterprise linux eus 7.5

redhat enterprise linux eus 7.6

redhat enterprise linux eus 7.7

redhat enterprise linux server 5.0

redhat enterprise linux server 6.0

redhat enterprise linux server 7.0

redhat enterprise linux server aus 6.5

redhat enterprise linux server aus 7.3

redhat enterprise linux server aus 7.4

redhat enterprise linux server aus 7.6

redhat enterprise linux server aus 7.7

redhat enterprise linux server tus 6.5

redhat enterprise linux server tus 7.3

redhat enterprise linux server tus 7.6

redhat enterprise linux server tus 7.7

redhat enterprise linux workstation 5.0

redhat enterprise linux workstation 6.0

redhat enterprise linux workstation 7.0

suse linux enterprise desktop 11

suse linux enterprise high availability extension 11

suse linux enterprise server 11

suse linux enterprise software development kit 11

f5 arx_firmware

Vendor Advisories

Ubuntu Security Notice: libtasn1-3, libtasn1-6 vulnerabilities
Libtasn1 could be made to crash or run programs as your login if it processed specially crafted data ...
Debian Security Advisories: DSA-3056-1 libtasn1-3 -- security update
Several vulnerabilities were discovered in libtasn1-3, a library that manages ASN1 (Abstract Syntax Notation One) structures An attacker could use those to cause a denial-of-service via out-of-bounds access or NULL pointer dereference For the stable distribution (wheezy), these problems have been fixed in version 213-2+deb7u1 We recommend that ...
Amazon Linux AMI: ALAS-2014-359
It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN1-encoded data Specially crafted ASN1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code (CVE-2014-3468) Multiple in ...
Red Hat: CVE-2014-3467
Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 36, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN1 data ...

References

NVD-CWE-noinfohttp://rhn.redhat.com/errata/RHSA-2014-0596.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=1102022http://rhn.redhat.com/errata/RHSA-2014-0594.htmlhttp://lists.gnu.org/archive/html/help-libtasn1/2014-05/msg00006.htmlhttp://linux.oracle.com/errata/ELSA-2014-0596.htmlhttp://secunia.com/advisories/59057http://secunia.com/advisories/59021http://linux.oracle.com/errata/ELSA-2014-0594.htmlhttp://secunia.com/advisories/58614http://secunia.com/advisories/58591http://secunia.com/advisories/60415http://rhn.redhat.com/errata/RHSA-2014-0815.htmlhttp://www.debian.org/security/2014/dsa-3056http://secunia.com/advisories/61888http://www.mandriva.com/security/advisories?name=MDVSA-2015:116http://advisories.mageia.org/MGASA-2014-0247.htmlhttp://www.novell.com/support/kb/doc.php?id=7015303http://www.novell.com/support/kb/doc.php?id=7015302http://support.f5.com/kb/en-us/solutions/public/15000/400/sol15423.htmlhttp://secunia.com/advisories/60320http://secunia.com/advisories/59408http://rhn.redhat.com/errata/RHSA-2014-0687.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-06/msg00015.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-06/msg00002.htmlhttps://usn.ubuntu.com/2294-1/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2014-3467
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook