| Title | Out-of-bounds read in LibTomCrypt 1.18.2 and earlier versions |
|---|
| Description | The der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences.
This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data. |
|---|
| Source | ⚠️ https://github.com/libtom/libtomcrypt/issues/507 |
|---|
| User | werew (UID 5065) |
|---|
| Submission | 10/08/2019 13:22 (7 years ago) |
|---|
| Moderation | 10/08/2019 15:41 (2 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 142995 [LibTomCrypt up to 1.18.2 UTF-8 der_decode_utf8_string.c der_decode_utf8_string out-of-bounds] |
|---|
| Points | 18 |
|---|