5

CVE-2012-1569

Exploit

The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure.

Data is provided by the National Vulnerability Database (NVD)
GnuGnutls Version <= 3.0.15
GnuGnutls Version1.0.16
GnuGnutls Version1.0.17
GnuGnutls Version1.0.18
GnuGnutls Version1.0.19
GnuGnutls Version1.0.20
GnuGnutls Version1.0.21
GnuGnutls Version1.0.22
GnuGnutls Version1.0.23
GnuGnutls Version1.0.24
GnuGnutls Version1.0.25
GnuGnutls Version1.1.13
GnuGnutls Version1.1.14
GnuGnutls Version1.1.15
GnuGnutls Version1.1.16
GnuGnutls Version1.1.17
GnuGnutls Version1.1.18
GnuGnutls Version1.1.19
GnuGnutls Version1.1.20
GnuGnutls Version1.1.21
GnuGnutls Version1.1.22
GnuGnutls Version1.1.23
GnuGnutls Version1.2.0
GnuGnutls Version1.2.1
GnuGnutls Version1.2.2
GnuGnutls Version1.2.3
GnuGnutls Version1.2.4
GnuGnutls Version1.2.5
GnuGnutls Version1.2.6
GnuGnutls Version1.2.7
GnuGnutls Version1.2.8
GnuGnutls Version1.2.8.1a1
GnuGnutls Version1.2.9
GnuGnutls Version1.2.10
GnuGnutls Version1.2.11
GnuGnutls Version1.3.0
GnuGnutls Version1.3.1
GnuGnutls Version1.3.2
GnuGnutls Version1.3.3
GnuGnutls Version1.3.4
GnuGnutls Version1.3.5
GnuGnutls Version1.4.0
GnuGnutls Version1.4.1
GnuGnutls Version1.4.2
GnuGnutls Version1.4.3
GnuGnutls Version1.4.4
GnuGnutls Version1.4.5
GnuGnutls Version1.5.0
GnuGnutls Version1.5.1
GnuGnutls Version1.5.2
GnuGnutls Version1.5.3
GnuGnutls Version1.5.4
GnuGnutls Version1.5.5
GnuGnutls Version1.6.0
GnuGnutls Version1.6.1
GnuGnutls Version1.6.2
GnuGnutls Version1.6.3
GnuGnutls Version1.7.0
GnuGnutls Version1.7.1
GnuGnutls Version1.7.2
GnuGnutls Version1.7.3
GnuGnutls Version1.7.4
GnuGnutls Version1.7.5
GnuGnutls Version1.7.6
GnuGnutls Version1.7.7
GnuGnutls Version1.7.8
GnuGnutls Version1.7.9
GnuGnutls Version1.7.10
GnuGnutls Version1.7.11
GnuGnutls Version1.7.12
GnuGnutls Version1.7.13
GnuGnutls Version1.7.14
GnuGnutls Version1.7.15
GnuGnutls Version1.7.16
GnuGnutls Version1.7.17
GnuGnutls Version1.7.18
GnuGnutls Version1.7.19
GnuGnutls Version2.0.0
GnuGnutls Version2.0.1
GnuGnutls Version2.0.2
GnuGnutls Version2.0.3
GnuGnutls Version2.0.4
GnuGnutls Version2.1.0
GnuGnutls Version2.1.1
GnuGnutls Version2.1.2
GnuGnutls Version2.1.3
GnuGnutls Version2.1.4
GnuGnutls Version2.1.5
GnuGnutls Version2.1.6
GnuGnutls Version2.1.7
GnuGnutls Version2.1.8
GnuGnutls Version2.2.0
GnuGnutls Version2.2.1
GnuGnutls Version2.2.2
GnuGnutls Version2.2.3
GnuGnutls Version2.2.4
GnuGnutls Version2.2.5
GnuGnutls Version2.3.0
GnuGnutls Version2.3.1
GnuGnutls Version2.3.2
GnuGnutls Version2.3.3
GnuGnutls Version2.3.4
GnuGnutls Version2.3.5
GnuGnutls Version2.3.6
GnuGnutls Version2.3.7
GnuGnutls Version2.3.8
GnuGnutls Version2.3.9
GnuGnutls Version2.3.10
GnuGnutls Version2.3.11
GnuGnutls Version2.4.0
GnuGnutls Version2.4.1
GnuGnutls Version2.4.2
GnuGnutls Version2.4.3
GnuGnutls Version2.5.0
GnuGnutls Version2.6.0
GnuGnutls Version2.6.1
GnuGnutls Version2.6.2
GnuGnutls Version2.6.3
GnuGnutls Version2.6.4
GnuGnutls Version2.6.5
GnuGnutls Version2.6.6
GnuGnutls Version2.7.4
GnuGnutls Version2.8.0
GnuGnutls Version2.8.1
GnuGnutls Version2.8.2
GnuGnutls Version2.8.3
GnuGnutls Version2.8.4
GnuGnutls Version2.8.5
GnuGnutls Version2.8.6
GnuGnutls Version2.10.0
GnuGnutls Version2.10.1
GnuGnutls Version2.10.2
GnuGnutls Version2.10.3
GnuGnutls Version2.10.4
GnuGnutls Version2.10.5
GnuGnutls Version2.12.0
GnuGnutls Version2.12.1
GnuGnutls Version2.12.2
GnuGnutls Version2.12.3
GnuGnutls Version2.12.4
GnuGnutls Version2.12.5
GnuGnutls Version2.12.6
GnuGnutls Version2.12.6.1
GnuGnutls Version2.12.7
GnuGnutls Version2.12.8
GnuGnutls Version2.12.9
GnuGnutls Version2.12.10
GnuGnutls Version2.12.11
GnuGnutls Version2.12.12
GnuGnutls Version2.12.13
GnuGnutls Version2.12.14
GnuGnutls Version3.0
GnuGnutls Version3.0.0
GnuGnutls Version3.0.1
GnuGnutls Version3.0.2
GnuGnutls Version3.0.3
GnuGnutls Version3.0.4
GnuGnutls Version3.0.5
GnuGnutls Version3.0.6
GnuGnutls Version3.0.7
GnuGnutls Version3.0.8
GnuGnutls Version3.0.9
GnuGnutls Version3.0.10
GnuGnutls Version3.0.11
GnuGnutls Version3.0.12
GnuGnutls Version3.0.13
GnuGnutls Version3.0.14
GnuLibtasn1 Version <= 2.11
GnuLibtasn1 Version0.1.0
GnuLibtasn1 Version0.1.1
GnuLibtasn1 Version0.1.2
GnuLibtasn1 Version0.2.0
GnuLibtasn1 Version0.2.1
GnuLibtasn1 Version0.2.2
GnuLibtasn1 Version0.2.3
GnuLibtasn1 Version0.2.4
GnuLibtasn1 Version0.2.5
GnuLibtasn1 Version0.2.6
GnuLibtasn1 Version0.2.7
GnuLibtasn1 Version0.2.8
GnuLibtasn1 Version0.2.9
GnuLibtasn1 Version0.2.10
GnuLibtasn1 Version0.2.11
GnuLibtasn1 Version0.2.12
GnuLibtasn1 Version0.2.13
GnuLibtasn1 Version0.2.14
GnuLibtasn1 Version0.2.15
GnuLibtasn1 Version0.2.16
GnuLibtasn1 Version0.2.17
GnuLibtasn1 Version0.2.18
GnuLibtasn1 Version0.3.0
GnuLibtasn1 Version0.3.1
GnuLibtasn1 Version0.3.2
GnuLibtasn1 Version0.3.3
GnuLibtasn1 Version0.3.4
GnuLibtasn1 Version0.3.5
GnuLibtasn1 Version0.3.6
GnuLibtasn1 Version0.3.7
GnuLibtasn1 Version0.3.8
GnuLibtasn1 Version0.3.9
GnuLibtasn1 Version0.3.10
GnuLibtasn1 Version1.0
GnuLibtasn1 Version1.1
GnuLibtasn1 Version1.2
GnuLibtasn1 Version1.3
GnuLibtasn1 Version1.4
GnuLibtasn1 Version1.5
GnuLibtasn1 Version1.6
GnuLibtasn1 Version1.7
GnuLibtasn1 Version1.8
GnuLibtasn1 Version2.0
GnuLibtasn1 Version2.1
GnuLibtasn1 Version2.2
GnuLibtasn1 Version2.3
GnuLibtasn1 Version2.4
GnuLibtasn1 Version2.5
GnuLibtasn1 Version2.6
GnuLibtasn1 Version2.7
GnuLibtasn1 Version2.8
GnuLibtasn1 Version2.9
GnuLibtasn1 Version2.10
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 12.72% 0.938
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P