CVE-2017-6891 log

Severity High
Remote No
Type Arbitrary code execution
Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility.
Group Package Affected Fixed Severity Status Ticket
AVG-286 lib32-libtasn1 4.10-1 4.11-1 High Fixed
AVG-285 libtasn1 4.10-1 4.11-1 High Fixed
Date Advisory Group Package Severity Type
02 Jun 2017 ASA-201706-3 AVG-285 libtasn1 High arbitrary code execution
12 Jun 2017 ASA-201706-10 AVG-286 lib32-libtasn1 High arbitrary code execution