CVE-2008-2377 in gnutlsinfo

Summary

Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_handshake.c in libgnutls in GnuTLS 2.3.5 through 2.4.0 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via TLS transmission of data that is improperly used when the peer calls gnutls_handshake within a normal session, leading to attempted access to a deallocated libgcrypt handle.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

05/21/2008

Disclosure

08/08/2008

Moderation

VulDB entry created

Entries

VDB-43587 (1)

CPE

ready

CWE

CWE-119 (Confirmed)

CVSS

10.0

EPSS

0.12196

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-2377
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-2377
CVE Details	https://www.cvedetails.com/cve/CVE-2008-2377/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!