Home

CVE-2015-2806

Description

Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.

Risk Information

Base Score
3.3
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
EPSS Score
Exploitation Probability
9.345

Associated Vulnerability

VulnerabilityOS Platform
(RHSA-2017:1860) Moderate: libtasn1 security, bug fix, and enhancement update libtasn1-4.10-1.el7.i686.rpmLinux
(RHSA-2017:1860) Moderate: libtasn1 security, bug fix, and enhancement update libtasn1-4.10-1.el7.x86_64.rpmLinux
(RHSA-2017:1860) Moderate: libtasn1 security, bug fix, and enhancement update libtasn1-devel-4.10-1.el7.i686.rpmLinux
(RHSA-2017:1860) Moderate: libtasn1 security, bug fix, and enhancement update libtasn1-devel-4.10-1.el7.x86_64.rpmLinux
(RHSA-2017:1860) Moderate: libtasn1 security, bug fix, and enhancement update libtasn1-tools-4.10-1.el7.x86_64.rpmLinux
SUSE-SU-2016:0077-1(SUSE Linux Enterprise Desktop 11-SP3 ) gnutls-2.4.1-24.39.60.1.x86_64.rpmLinux
SUSE-SU-2016:0077-1(SUSE Linux Enterprise Server 11-SP3 ) libgnutls-extra26-2.4.1-24.39.60.1.x86_64.rpmLinux
SUSE-SU-2016:0077-1(SUSE Linux Enterprise Desktop 11-SP3 ) libgnutls26-2.4.1-24.39.60.1.x86_64.rpmLinux
SUSE-SU-2016:0077-1(SUSE Linux Enterprise Desktop 11-SP3 ) libgnutls26-32bit-2.4.1-24.39.60.1.x86_64.rpmLinux
SUSE-SU-2015:0901-1(SUSE Linux Enterprise Desktop 11 SP3 ) libtasn1-1.5-1.30.1.x86_64.rpmLinux
SUSE-SU-2015:0901-1(SUSE Linux Enterprise Desktop 11 SP3 ) libtasn1-3-1.5-1.30.1.x86_64.rpmLinux
SUSE-SU-2015:0901-1(SUSE Linux Enterprise Desktop 11 SP3 ) libtasn1-3-32bit-1.5-1.30.1.x86_64.rpmLinux
(CESA-2017:1860) Moderate: libtasn1 security, bug fix, and enhancement update libtasn1-tools-4.10-1.el7.x86_64.rpmLinux
(RHSA-2017:1860)Moderate: security, bug fix, and enhancement update libtasn1-debuginfo-4.10-1.el7.i686.rpmLinux
(RHSA-2017:1860)Moderate: security, bug fix, and enhancement update libtasn1-debuginfo-4.10-1.el7.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234