5

CVE-2014-3467

Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.

Data is provided by the National Vulnerability Database (NVD)
GnuGnutls Version < 3.5.7
GnuLibtasn1 Version < 3.6
RedhatVirtualization Version6.0
DebianDebian Linux Version7.0
RedhatEnterprise Linux Eus Version6.5
RedhatEnterprise Linux Eus Version7.3
RedhatEnterprise Linux Eus Version7.4
RedhatEnterprise Linux Eus Version7.5
RedhatEnterprise Linux Eus Version7.6
RedhatEnterprise Linux Eus Version7.7
SuseLinux Enterprise Desktop Version11 Updatesp3
SuseLinux Enterprise Server Version11 Updatesp1 SwEditionltss
SuseLinux Enterprise Server Version11 Updatesp2 SwEditionltss
SuseLinux Enterprise Server Version11 Updatesp3 SwPlatform-
SuseLinux Enterprise Server Version11 Updatesp3 SwPlatformvmware
DebianDebian Linux Version7.0
F5Arx Firmware Version >= 6.0.0 <= 6.4.0
   F5Arx Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 6.62% 0.908
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
https://bugzilla.redhat.com/show_bug.cgi?id=1102022
Patch
Third Party Advisory
Issue Tracking