CVE-2012-1573
gnutls: TLS record handling issue (GNUTLS-SA-2012-2, MU-201202-01)
Severity Score
9.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.
gnutls_cipher.c en libgnutls en GnuTLS antes de v2.12.17 y v3.x antes de v3.0.15 no maneja adecuadamente los datos cifrados con un cifrado de bloques, lo que permite provocar una denegación de servicio (corrupción de la pila de memoria y caída de la aplicación) a atacantes remotos a través de un registro hecho a mano, como se demuestra por una estructura GenericBlockCipher especificamente creada para este fin.
New gnutls packages are available for Slackware 12.1, 12.2, 13.0, 13.1, and 13.37 to fix security issues. Related CVE Numbers: CVE-2011-4128,CVE-2012-1569,CVE-2012-1573,CVE-2013-1619,CVE-2013-2116.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2012-03-12 CVE Reserved
- 2012-03-26 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-310: Cryptographic Issues
CAPEC
References (28)
| URL | Date | SRC |
|---|---|---|
| http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns | 2024-08-06 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | <= 2.12.16 Search vendor "Gnu" for product "Gnutls" and version " <= 2.12.16" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.0.0 Search vendor "Gnu" for product "Gnutls" and version "2.0.0" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.0.1 Search vendor "Gnu" for product "Gnutls" and version "2.0.1" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.0.2 Search vendor "Gnu" for product "Gnutls" and version "2.0.2" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.0.3 Search vendor "Gnu" for product "Gnutls" and version "2.0.3" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.0.4 Search vendor "Gnu" for product "Gnutls" and version "2.0.4" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.1.0 Search vendor "Gnu" for product "Gnutls" and version "2.1.0" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.1.1 Search vendor "Gnu" for product "Gnutls" and version "2.1.1" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.1.2 Search vendor "Gnu" for product "Gnutls" and version "2.1.2" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.1.3 Search vendor "Gnu" for product "Gnutls" and version "2.1.3" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.1.4 Search vendor "Gnu" for product "Gnutls" and version "2.1.4" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.1.5 Search vendor "Gnu" for product "Gnutls" and version "2.1.5" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.1.6 Search vendor "Gnu" for product "Gnutls" and version "2.1.6" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.1.7 Search vendor "Gnu" for product "Gnutls" and version "2.1.7" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.1.8 Search vendor "Gnu" for product "Gnutls" and version "2.1.8" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.2.0 Search vendor "Gnu" for product "Gnutls" and version "2.2.0" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.2.1 Search vendor "Gnu" for product "Gnutls" and version "2.2.1" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.2.2 Search vendor "Gnu" for product "Gnutls" and version "2.2.2" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.2.3 Search vendor "Gnu" for product "Gnutls" and version "2.2.3" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.2.4 Search vendor "Gnu" for product "Gnutls" and version "2.2.4" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.2.5 Search vendor "Gnu" for product "Gnutls" and version "2.2.5" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.3.0 Search vendor "Gnu" for product "Gnutls" and version "2.3.0" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.3.1 Search vendor "Gnu" for product "Gnutls" and version "2.3.1" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.3.2 Search vendor "Gnu" for product "Gnutls" and version "2.3.2" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.3.3 Search vendor "Gnu" for product "Gnutls" and version "2.3.3" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.3.4 Search vendor "Gnu" for product "Gnutls" and version "2.3.4" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.3.5 Search vendor "Gnu" for product "Gnutls" and version "2.3.5" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.3.6 Search vendor "Gnu" for product "Gnutls" and version "2.3.6" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.3.7 Search vendor "Gnu" for product "Gnutls" and version "2.3.7" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.3.8 Search vendor "Gnu" for product "Gnutls" and version "2.3.8" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.3.9 Search vendor "Gnu" for product "Gnutls" and version "2.3.9" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.3.10 Search vendor "Gnu" for product "Gnutls" and version "2.3.10" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.3.11 Search vendor "Gnu" for product "Gnutls" and version "2.3.11" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.4.0 Search vendor "Gnu" for product "Gnutls" and version "2.4.0" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.4.1 Search vendor "Gnu" for product "Gnutls" and version "2.4.1" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.4.2 Search vendor "Gnu" for product "Gnutls" and version "2.4.2" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.4.3 Search vendor "Gnu" for product "Gnutls" and version "2.4.3" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.5.0 Search vendor "Gnu" for product "Gnutls" and version "2.5.0" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.6.0 Search vendor "Gnu" for product "Gnutls" and version "2.6.0" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.6.1 Search vendor "Gnu" for product "Gnutls" and version "2.6.1" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.6.2 Search vendor "Gnu" for product "Gnutls" and version "2.6.2" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.6.3 Search vendor "Gnu" for product "Gnutls" and version "2.6.3" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.6.4 Search vendor "Gnu" for product "Gnutls" and version "2.6.4" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.6.5 Search vendor "Gnu" for product "Gnutls" and version "2.6.5" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.6.6 Search vendor "Gnu" for product "Gnutls" and version "2.6.6" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.7.4 Search vendor "Gnu" for product "Gnutls" and version "2.7.4" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.8.0 Search vendor "Gnu" for product "Gnutls" and version "2.8.0" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.8.1 Search vendor "Gnu" for product "Gnutls" and version "2.8.1" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.8.2 Search vendor "Gnu" for product "Gnutls" and version "2.8.2" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.8.3 Search vendor "Gnu" for product "Gnutls" and version "2.8.3" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.8.4 Search vendor "Gnu" for product "Gnutls" and version "2.8.4" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.8.5 Search vendor "Gnu" for product "Gnutls" and version "2.8.5" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.8.6 Search vendor "Gnu" for product "Gnutls" and version "2.8.6" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.10.0 Search vendor "Gnu" for product "Gnutls" and version "2.10.0" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.10.1 Search vendor "Gnu" for product "Gnutls" and version "2.10.1" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.10.2 Search vendor "Gnu" for product "Gnutls" and version "2.10.2" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.10.3 Search vendor "Gnu" for product "Gnutls" and version "2.10.3" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.10.4 Search vendor "Gnu" for product "Gnutls" and version "2.10.4" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.10.5 Search vendor "Gnu" for product "Gnutls" and version "2.10.5" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.0 Search vendor "Gnu" for product "Gnutls" and version "2.12.0" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.1 Search vendor "Gnu" for product "Gnutls" and version "2.12.1" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.2 Search vendor "Gnu" for product "Gnutls" and version "2.12.2" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.3 Search vendor "Gnu" for product "Gnutls" and version "2.12.3" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.4 Search vendor "Gnu" for product "Gnutls" and version "2.12.4" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.5 Search vendor "Gnu" for product "Gnutls" and version "2.12.5" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.6 Search vendor "Gnu" for product "Gnutls" and version "2.12.6" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.6.1 Search vendor "Gnu" for product "Gnutls" and version "2.12.6.1" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.7 Search vendor "Gnu" for product "Gnutls" and version "2.12.7" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.8 Search vendor "Gnu" for product "Gnutls" and version "2.12.8" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.9 Search vendor "Gnu" for product "Gnutls" and version "2.12.9" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.10 Search vendor "Gnu" for product "Gnutls" and version "2.12.10" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.11 Search vendor "Gnu" for product "Gnutls" and version "2.12.11" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.12 Search vendor "Gnu" for product "Gnutls" and version "2.12.12" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.13 Search vendor "Gnu" for product "Gnutls" and version "2.12.13" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.14 Search vendor "Gnu" for product "Gnutls" and version "2.12.14" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 2.12.15 Search vendor "Gnu" for product "Gnutls" and version "2.12.15" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0 Search vendor "Gnu" for product "Gnutls" and version "3.0" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0.0 Search vendor "Gnu" for product "Gnutls" and version "3.0.0" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0.1 Search vendor "Gnu" for product "Gnutls" and version "3.0.1" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0.2 Search vendor "Gnu" for product "Gnutls" and version "3.0.2" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0.3 Search vendor "Gnu" for product "Gnutls" and version "3.0.3" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0.4 Search vendor "Gnu" for product "Gnutls" and version "3.0.4" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0.5 Search vendor "Gnu" for product "Gnutls" and version "3.0.5" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0.6 Search vendor "Gnu" for product "Gnutls" and version "3.0.6" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0.7 Search vendor "Gnu" for product "Gnutls" and version "3.0.7" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0.8 Search vendor "Gnu" for product "Gnutls" and version "3.0.8" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0.9 Search vendor "Gnu" for product "Gnutls" and version "3.0.9" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0.10 Search vendor "Gnu" for product "Gnutls" and version "3.0.10" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0.11 Search vendor "Gnu" for product "Gnutls" and version "3.0.11" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0.12 Search vendor "Gnu" for product "Gnutls" and version "3.0.12" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0.13 Search vendor "Gnu" for product "Gnutls" and version "3.0.13" | - |
Affected
| ||||||
| Gnu Search vendor "Gnu" | Gnutls Search vendor "Gnu" for product "Gnutls" | 3.0.14 Search vendor "Gnu" for product "Gnutls" and version "3.0.14" | - |
Affected
| ||||||