CVSS: 9.8EPSS: 0%CPEs: 35EXPL: 0CVE-2014-3469 – libtasn1: asn1_read_value_type() NULL pointer dereference
https://notcve.org/view.php?id=CVE-2014-3469
03 Jun 2014 — The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument. Las funciones (1) asn1_read_value_type y (2) asn1_read_value en GNU Libtasn1 anterior a 3.6 permite a atacantes dependientes de contexto causar una denegación de servicio (referencia de puntero nulo y caída) a través de un valor nulo en un argumento ivalue. Multiple buffer boundar... • http://advisories.mageia.org/MGASA-2014-0247.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 89%CPEs: 221EXPL: 1CVE-2012-1569 – libtasn1: DER decoding buffer overflow (GNUTLS-SA-2012-3, MU-201202-02)
https://notcve.org/view.php?id=CVE-2012-1569
26 Mar 2012 — The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure. La función asn1_get_length_der en decoding.c en GNU libtasn1 antes de v2.12, tal y como se usa en GnuTLS antes del v3.0.16 y otros productos, no maneja... • http://archives.neohapsis.com/archives/bugtraq/2012-03/0099.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 2%CPEs: 21EXPL: 0CVE-2006-0645 – - libtasn1 buffer overflow
https://notcve.org/view.php?id=CVE-2006-0645
10 Feb 2006 — Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid input, as demonstrated by the ProtoVer SSL test suite. • http://josefsson.org/cgi-bin/viewcvs.cgi/gnutls/tests/certder.c?view=markup •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2004-0401
https://notcve.org/view.php?id=CVE-2004-0401
14 May 2004 — Unknown vulnerability in libtasn1 0.1.x before 0.1.2, and 0.2.x before 0.2.7, related to the DER parsing functions. Vulnerabilidad en libtasn1 0.1.x anteriors a 0.1.2 y 0.2.x anteriores a 0.2.7, relacionada con las funciones de procesamiento sintáctico DER. • http://packages.debian.org/changelogs/pool/main/libt/libtasn1-2/libtasn1-2_0.2.13-1/changelog •