QwikSec

Security Database

CVE

CWE

Training

CVE-2016-9132

Published: Jan 30, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memory corruption or other failure.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

FEDORA-2016-7de64a450f

vendor-advisory

x_refsource_FEDORA

https://github.com/randombit/botan/commit/987ad747db6d0d7e36f840398f3cf02e2fbfd90f

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

FEDORA-2016-3b59109c48

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.