| Severity |
|
| Remote |
|
| Type |
| + |
Arbitrary code execution |
|
| Description |
| + |
Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility. |
|
| References |
| + |
https://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commitdiff;h=5520704d075802df25ce4ffccc010ba1641bd484 |
| + |
https://secuniaresearch.flexerasoftware.com/secunia_research/2017-11/ |
|
| Notes |
|