Integer Underflow Vulnerability in EMC RSA BSAFE Micro Edition Suite and Crypto-C
CVE-2015-0537

9.8CRITICAL

Key Information:

Vendor
Dell
Status
Bsafe Ssl-c
Bsafe
Bsafe Crypto-c
Vendor
CVE Published:
20 August 2015

Summary

An integer underflow in the base64-decoding process used by EMC RSA BSAFE Micro Edition Suite, Crypto-C Micro Edition, and SSL-C allows remote attackers to exploit crafted base64 data. This can lead to memory corruption or segmentation faults, potentially causing denial of service. A similar issue was noted in related vulnerabilities, emphasizing the need for prompt patching and vigilance in system security.

References

http://seclists.org/bugtraq/2015/Aug/84
mailing-listx_refsource_BUGTRAQ
http://www.securitytracker.com/id/1033299
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/76377
vdb-entryx_refsource_BID

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.