Denial of Service Vulnerability in Libksba Affecting Multiple Vendors
CVE-2016-4579

7.5HIGH

Key Information:

Vendor

Gnupg

Status
Libksba
Vendor
CVE Published:
13 June 2016

What is CVE-2016-4579?

Libksba versions prior to 1.3.4 are susceptible to a remote denial of service (DoS) condition due to an out-of-bounds read vulnerability. Attackers may exploit this weakness through unspecified vectors, leading to application crashes and disruption of service. It is crucial for users to upgrade to the latest version to mitigate this potential risk.

References

http://www.ubuntu.com/usn/USN-2982-1
vendor-advisoryx_refsource_UBUNTU
http://www.openwall.com/lists/oss-security/2016/05/11/10
mailing-listx_refsource_MLIST
http://lists.opensuse.org/opensuse-updates/2016-06/msg000...
vendor-advisoryx_refsource_SUSE

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.