Computer Security
[EN] securityvulns.ru no-pyccku


GnuTLS memory corruption
Published:24.11.2014
Source:
SecurityVulns ID:14100
Type:library
Threat Level:
7/10
Description:Memory corruption on ECC.
Affected:GNU : GnuTLS 3.3
CVE:CVE-2014-8564 (The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs.)
Original documentdocumentMANDRIVA, [ MDVSA-2014:215 ] gnutls (24.11.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod