Integer Overflow Vulnerability in GNU Libtasn1 Affects GnuTLS
CVE-2014-3467
Currently unrated
Summary
Multiple unspecified vulnerabilities in the DER decoder of GNU Libtasn1 before version 3.6 can be exploited by remote attackers to trigger a denial of service condition. This is achieved through the use of specially crafted ASN.1 data, which can lead to an out-of-bounds read during processing, resulting in crashes or unintended behavior of applications relying on GnuTLS.
References
EPSS Score
5% chance of being exploited in the next 30 days.
Timeline
Vulnerability published
Vulnerability Reserved