| Titolo | Out-of-bounds read in LibTomCrypt 1.18.2 and earlier versions |
|---|
| Descrizione | The der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences.
This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data. |
|---|
| Fonte | ⚠️ https://github.com/libtom/libtomcrypt/issues/507 |
|---|
| Utente | werew (UID 5065) |
|---|
| Sottomissione | 08/10/2019 13:22 (7 anni fa) |
|---|
| Moderazione | 08/10/2019 15:41 (2 hours later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 142995 [LibTomCrypt fino a 1.18.2 UTF-8 der_decode_utf8_string.c der_decode_utf8_string rivelazione di informazioni] |
|---|
| Punti | 18 |
|---|