New Search

Tiny ASN.1 Library (libtasn1) before 0.2.18 as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4 and (2) GNU Shishi allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid input as demonstrated by the ProtoVer SSL test suite.

oval:org.mitre.oval:def:10540

Tiny ASN.1 Library (libtasn1) before 0.2.18 as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4 and (2) GNU Shishi allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid input as demonstrated by the ProtoVer SSL test suite.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 4
  • Red Hat Enterprise Linux 4
  • Oracle Linux 4
Class:
vulnerability
Reference(s):
  • CVE-2006-0645
Product(s):