Vulnerabilities

CVE-2014-3468

by Fred · 05/06/2014

The asn1_get_bit_der function in GNU Libtasn1 before 3.6 does not properly report an error when a negative bit length is identified, which allows context-dependent attackers to cause out-of-bounds access via crafted ASN.1 data.

Date published : 2014-06-05

http://advisories.mageia.org/MGASA-2014-0247.html

http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=1c3ccb3e040bf13e342ee60bc23b21b97b11923f

Similar

Tags: Cybersecurity Alert