QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2012-1573

Back to search

CVE-2012-1573

Published: Mar 26, 2012

Modified: Aug 6, 2024

PUBLISHED

Description

gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure.

VendorProductVersions

n/a

n/a

affected
n/a

References

USN-1418-1
vendor-advisory
x_refsource_UBUNTU
57260
third-party-advisory
x_refsource_SECUNIA
RHSA-2012:0531
vendor-advisory
x_refsource_REDHAT
[gnutls-devel] 20120302 gnutls 3.0.15
mailing-list
x_refsource_MLIST
48511
third-party-advisory
x_refsource_SECUNIA
80259
vdb-entry
x_refsource_OSVDB
52667
vdb-entry
x_refsource_BID
48488
third-party-advisory
x_refsource_SECUNIA
48712
third-party-advisory
x_refsource_SECUNIA
1026828
vdb-entry
x_refsource_SECTRACK
FEDORA-2012-4569
vendor-advisory
x_refsource_FEDORA
FEDORA-2012-4578
vendor-advisory
x_refsource_FEDORA
RHSA-2012:0488
vendor-advisory
x_refsource_REDHAT
SUSE-SU-2014:0320
vendor-advisory
x_refsource_SUSE
48596
third-party-advisory
x_refsource_SECUNIA
[gnutls-devel] 20120302 gnutls 2.12.16
mailing-list
x_refsource_MLIST
DSA-2441
vendor-advisory
x_refsource_DEBIAN
MDVSA-2012:040
vendor-advisory
x_refsource_MANDRIVA
RHSA-2012:0429
vendor-advisory
x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2012-1573 - Security Vulnerability | QwikSec