cve/CVE-2016-4008.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 09:12:08 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.

POC

Reference

http://www.openwall.com/lists/oss-security/2016/04/11/3
http://www.openwall.com/lists/oss-security/2016/04/11/3

Github

https://github.com/mrash/afl-cve

774 B Raw Blame History

CVE-2016-4008

Description

POC

Reference

Github

774 B

Raw Blame History