CVE-2017-7869 in GnuTLSinfo

Summary

GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

04/14/2017

Disclosure

04/14/2017

Moderation

VulDB entry created

Entries

VDB-99856 (1)

CPE

ready

CWE

CWE-787 (Confirmed)

CVSS

7.4

EPSS

0.00703

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-7869
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-7869
CVE Details	https://www.cvedetails.com/cve/CVE-2017-7869/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!