Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid input, as demonstrated by the ProtoVer SSL test suite.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2006-02-10T18:00:00
Updated: 2024-08-07T16:41:29.006Z
Reserved: 2006-02-10T00:00:00
Link: CVE-2006-0645
Vulnrichment
No data.
NVD
Status : Modified
Published: 2006-02-10T18:06:00.000
Modified: 2018-10-19T15:45:41.427
Link: CVE-2006-0645
Redhat