Home

CVE-2017-5337

Description

Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
3.732

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in IBM Security Guardium 10.0Windows
(RHSA-2017:0574) Moderate: gnutls security, bug fix, and enhancement update gnutls-2.12.23-21.el6.i686.rpmLinux
(RHSA-2017:0574) Moderate: gnutls security, bug fix, and enhancement update gnutls-2.12.23-21.el6.x86_64.rpmLinux
(RHSA-2017:0574) Moderate: gnutls security, bug fix, and enhancement update gnutls-devel-2.12.23-21.el6.i686.rpmLinux
(RHSA-2017:0574) Moderate: gnutls security, bug fix, and enhancement update gnutls-devel-2.12.23-21.el6.x86_64.rpmLinux
(RHSA-2017:0574) Moderate: gnutls security, bug fix, and enhancement update gnutls-guile-2.12.23-21.el6.i686.rpmLinux
(RHSA-2017:0574) Moderate: gnutls security, bug fix, and enhancement update gnutls-guile-2.12.23-21.el6.x86_64.rpmLinux
(RHSA-2017:0574) Moderate: gnutls security, bug fix, and enhancement update gnutls-utils-2.12.23-21.el6.i686.rpmLinux
(RHSA-2017:0574) Moderate: gnutls security, bug fix, and enhancement update gnutls-utils-2.12.23-21.el6.x86_64.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-3.3.26-9.el7.i686.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-3.3.26-9.el7.x86_64.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-c++-3.3.26-9.el7.i686.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-c++-3.3.26-9.el7.x86_64.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-dane-3.3.26-9.el7.i686.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-dane-3.3.26-9.el7.x86_64.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-devel-3.3.26-9.el7.i686.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-devel-3.3.26-9.el7.x86_64.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-utils-3.3.26-9.el7.x86_64.rpmLinux
Gnutls update (ELSA-2017-0574) gnutls-2.12.23-21.el6.x86_64.rpmLinux
Gnutls-devel update (ELSA-2017-0574) gnutls-devel-2.12.23-21.el6.x86_64.rpmLinux
Gnutls-guile update (ELSA-2017-0574) gnutls-guile-2.12.23-21.el6.x86_64.rpmLinux
Gnutls-utils update (ELSA-2017-0574) gnutls-utils-2.12.23-21.el6.x86_64.rpmLinux
Gnutls update (ELSA-2017-0574) gnutls-2.12.23-21.el6.i686.rpmLinux
Gnutls-devel update (ELSA-2017-0574) gnutls-devel-2.12.23-21.el6.i686.rpmLinux
Gnutls-guile update (ELSA-2017-0574) gnutls-guile-2.12.23-21.el6.i686.rpmLinux
Gnutls-utils update (ELSA-2017-0574) gnutls-utils-2.12.23-21.el6.i686.rpmLinux
Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-5337)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234