DescriptionTiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid input, as demonstrated by the ProtoVer SSL test suite.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
|National Vulnerability Database|
SUSE Timeline for this CVECVE page created: Fri Jun 28 01:37:14 2013
CVE page last modified: Fri Oct 7 12:45:32 2022