RSA BSAFE Crypto-C Integer Overflow in Base64 Decoding Implementation Lets Remote Users Deny Service : 8/18/2015 3:28:05 AM

Communicate with co-workers in real time. Used by Netflix, Dropbox & Salesforce. $0/unlimited users. Get started >>
From our sponsors
 

 

Vulnerability Databse
This module replaces the description field of a feed to the page it links to (in addition, it wipes out the content:encoded field), so you can get its full text.

RSA BSAFE Crypto-C Integer Overflow in Base64 Decoding Implementation Lets Remote Users Deny Service
8/18/2015 12:00:00 AM

RSA BSAFE Crypto-C Integer Overflow in Base64 Decoding Implementation Lets Remote Users Deny Service
SecurityTracker Alert ID:  1033299
SecurityTracker URL:  http://securitytracker.com/id/1033299
CVE Reference:   CVE-2015-0537   (Links to External Site)
Date:  Aug 18 2015
Impact:   Denial of service via network, Disclosure of user information, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Micro Edition prior to 4.0.4; Micro Edition 4.1
Description:   A vulnerability was reported in RSA BSAFE Crypto-C. A remote user can cause denial of service conditions on the target system. A remote user may be able to

A remote user can send specially crafted Base64 encoded data to trigger an integer overflow in the Base64 decoding implementation to cause denial of service conditions or potentially cause unexpected behavior.

Impact:   A remote user can cause denial of service conditions.

A remote user may be able to cause unexpected behavior on the target system.

Solution:   The vendor has issued a fix (Crypto-C Micro Edition 4.0.4; Advisory ESA-2015-081).

A fix is not yet available for version 4.1.x.

Vendor URL:  www.rsa.com/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  

Message History:   None.

 

You are receiving this email because you subscribed to this feed at feedmyinbox.com

If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions

Diberdayakan oleh Blogger.