ALT-PU-2015-2843-1
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-4353
ber-decoder.c in Libksba before 1.3.3 does not properly handle decoder stack overflows, which allows remote attackers to cause a denial of service (abort) via crafted BER data.
- http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git%3Ba=commit%3Bh=07116a314f4dcd4d96990bbd74db95a03a9f650a
- http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git%3Ba=commit%3Bh=07116a314f4dcd4d96990bbd74db95a03a9f650a
- [oss-security] 20160429 CVE request: three issues in libksba
- [oss-security] 20160429 CVE request: three issues in libksba
- [oss-security] 20160429 Re: CVE request: three issues in libksba
- [oss-security] 20160429 Re: CVE request: three issues in libksba
- USN-2982-1
- USN-2982-1
- GLSA-201604-04
- GLSA-201604-04
Modified: 2024-11-21
CVE-2016-4354
ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.
- http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git%3Ba=commit%3Bh=aea7b6032865740478ca4b706850a5217f1c3887
- http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git%3Ba=commit%3Bh=aea7b6032865740478ca4b706850a5217f1c3887
- [oss-security] 20160429 CVE request: three issues in libksba
- [oss-security] 20160429 CVE request: three issues in libksba
- [oss-security] 20160429 Re: CVE request: three issues in libksba
- [oss-security] 20160429 Re: CVE request: three issues in libksba
- USN-2982-1
- USN-2982-1
- GLSA-201604-04
- GLSA-201604-04
Modified: 2024-11-21
CVE-2016-4355
Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.
- http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git%3Ba=commit%3Bh=aea7b6032865740478ca4b706850a5217f1c3887
- http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git%3Ba=commit%3Bh=aea7b6032865740478ca4b706850a5217f1c3887
- [oss-security] 20160429 CVE request: three issues in libksba
- [oss-security] 20160429 CVE request: three issues in libksba
- [oss-security] 20160429 Re: CVE request: three issues in libksba
- [oss-security] 20160429 Re: CVE request: three issues in libksba
- USN-2982-1
- USN-2982-1
- GLSA-201604-04
- GLSA-201604-04
Modified: 2024-11-21
CVE-2016-4356
The append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.3 allows remote attackers to cause a denial of service (out-of-bounds read) by clearing the high bit of the byte after invalid utf-8 encoded data.
- http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git%3Ba=commit%3Bh=243d12fdec66a4360fbb3e307a046b39b5b4ffc3
- http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git%3Ba=commit%3Bh=243d12fdec66a4360fbb3e307a046b39b5b4ffc3
- [oss-security] 20160429 CVE request: three issues in libksba
- [oss-security] 20160429 CVE request: three issues in libksba
- [oss-security] 20160429 Re: CVE request: three issues in libksba
- [oss-security] 20160429 Re: CVE request: three issues in libksba
- [oss-security] 20160510 Re: Re: CVE request: three issues in libksba
- [oss-security] 20160510 Re: Re: CVE request: three issues in libksba
- USN-2982-1
- USN-2982-1
- GLSA-201604-04
- GLSA-201604-04