| Titel | Out-of-bounds read in LibTomCrypt 1.18.2 and earlier versions |
|---|
| Beschreibung | The der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences.
This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data. |
|---|
| Quelle | ⚠️ https://github.com/libtom/libtomcrypt/issues/507 |
|---|
| Benutzer | werew (UID 5065) |
|---|
| Einreichung | 08.10.2019 13:22 (vor 7 Jahren) |
|---|
| Moderieren | 08.10.2019 15:41 (2 hours later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 142995 [LibTomCrypt bis 1.18.2 UTF-8 der_decode_utf8_string.c der_decode_utf8_string Information Disclosure] |
|---|
| Punkte | 18 |
|---|