The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.
References
Configurations
Information
Published : 2009-04-08 17:30
Updated : 2018-10-10 12:32
NVD link : CVE-2009-0847
Mitre link : CVE-2009-0847
JSON object : View
CWE
CWE-189
Numeric Errors
Products Affected
mit
- kerberos