CVE-2014-3466 in GnuTLSinfo

Summary

Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a ServerHello message.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

05/14/2014

Disclosure

06/03/2014

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
13407	GnuTLS Session ID gnutls_handshake.c read_server_hello memory corruption	119	Proof-of-Concept	Official fix	CVE-2014-3466

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!