QwikSec

Security Database

CVE

CWE

Training

CVE-2016-4574

Published: Jun 13, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20160510 Re: Re: CVE request: three issues in libksba

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2016:1525

vendor-advisory

x_refsource_SUSE

[oss-security] 20160510 Re: CVE request: three issues in libksba

mailing-list

x_refsource_MLIST

openSUSE-SU-2016:1370

vendor-advisory

x_refsource_SUSE

http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git%3Ba=commit%3Bh=6be61daac047d8e6aa941eb103f8e71a1d4e3c75

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.