The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.
References
Configurations
History
No history.
Information
Published : 2009-04-09 00:30
Updated : 2024-02-28 11:21
NVD link : CVE-2009-0847
Mitre link : CVE-2009-0847
CVE.ORG link : CVE-2009-0847
JSON object : View
Products Affected
mit
- kerberos
CWE
CWE-189
Numeric Errors