| 제목 | Out-of-bounds read in LibTomCrypt 1.18.2 and earlier versions |
|---|
| 설명 | The der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences.
This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data. |
|---|
| 원천 | ⚠️ https://github.com/libtom/libtomcrypt/issues/507 |
|---|
| 사용자 | werew (UID 5065) |
|---|
| 제출 | 2019. 10. 08. PM 01:22 (7 연령 ago) |
|---|
| 모더레이션 | 2019. 10. 08. PM 03:41 (2 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 142995 [LibTomCrypt 까지 1.18.2 UTF-8 der_decode_utf8_string.c der_decode_utf8_string 정보 공개] |
|---|
| 포인트들 | 18 |
|---|