CVSS: 9.8EPSS: 0%CPEs: 35EXPL: 0CVE-2014-3469 – libtasn1: asn1_read_value_type() NULL pointer dereference
https://notcve.org/view.php?id=CVE-2014-3469
03 Jun 2014 — The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument. Las funciones (1) asn1_read_value_type y (2) asn1_read_value en GNU Libtasn1 anterior a 3.6 permite a atacantes dependientes de contexto causar una denegación de servicio (referencia de puntero nulo y caída) a través de un valor nulo en un argumento ivalue. Multiple buffer boundar... • http://advisories.mageia.org/MGASA-2014-0247.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 50%CPEs: 47EXPL: 3CVE-2014-3466 – gnutls: insufficient session id length check in _gnutls_read_server_hello (GNUTLS-SA-2014-3)
https://notcve.org/view.php?id=CVE-2014-3466
02 Jun 2014 — Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message. Desbordamiento de buffer en la función read_server_hello en lib/gnutls_handshake.c en GnuTLS anterior a 3.1.25, 3.2.x anterior a 3.2.15 y 3.3.x anterior a 3.3.4 permite a servidores remotos causar una denegación d... • https://github.com/azet/CVE-2014-3466_PoC • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •