CVE-2019-17362

In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:libtom:libtomcrypt:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Information

Published : 2019-10-08 18:15

Updated : 2019-11-09 11:15


NVD link : CVE-2019-17362

Mitre link : CVE-2019-17362


JSON object : View

CWE
CWE-125

Out-of-bounds Read

Advertisement

dedicated server usa

Products Affected

libtom

  • libtomcrypt

debian

  • debian_linux