In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memory corruption or other failure.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:00
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/95879 - Third Party Advisory, VDB Entry | |
References | () https://github.com/randombit/botan/commit/987ad747db6d0d7e36f840398f3cf02e2fbfd90f - Patch | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OUDGVRQYQUL7F5MRP3LAV7EHRJG4BBE/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2Y3JLMTE3VIV4X5X6SXVZTJBDDLCS3D/ - |
07 Nov 2023, 02:36
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2017-01-30 22:59
Updated : 2024-11-21 03:00
NVD link : CVE-2016-9132
Mitre link : CVE-2016-9132
CVE.ORG link : CVE-2016-9132
JSON object : View
Products Affected
botan_project
- botan
CWE
CWE-190
Integer Overflow or Wraparound