Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

Vulnerability Intelligence

Customers

Vulnerability IntelligenceCVE-2015-2806

CVE-2015-2806

UNKNOWN

Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4

Published Apr 10, 2015

Modified 1 years ago

Details

Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.

References

WEB

http://git.savannah.gnu.org/gitweb/?p=libtasn1.git%3Ba=commit%3Bh=4d4f992826a4962790ecd0cce6fbba4a415ce149

ADVISORY

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154741.html

ADVISORY

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154805.html

ADVISORY

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155117.html

ADVISORY

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155270.html

ADVISORY

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155435.html

ADVISORY

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155483.html

ADVISORY

http://www.debian.org/security/2015/dsa-3220

ADVISORY

http://www.mandriva.com/security/advisories?name=MDVSA-2015:193

WEB

http://www.openwall.com/lists/oss-security/2015/03/29/4

WEB

http://www.openwall.com/lists/oss-security/2015/03/31/2

WEB

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

WEB

http://www.securityfocus.com/bid/73436

WEB

http://www.securitytracker.com/id/1032080

ADVISORY

http://www.ubuntu.com/usn/USN-2559-1

ADVISORY

https://access.redhat.com/errata/RHSA-2017:1860

ADVISORY

https://security.gentoo.org/glsa/201509-04

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2015-2806

CVSS Analysis

CVSS v2.0

10.0

Exploitability

Access Vector

NetworkAV:N

Access Complexity

LowAC:L

Authentication

NoneAu:N

Impact

Confidentiality

CompleteC:C

Integrity

CompleteI:C

Availability

CompleteA:C

10/AV:N/AC:L/Au:N/C:C/I:C/A:C

Ecosystems

Timeline

PublishedApr 10, 2015

ModifiedAug 6, 2024

CVE-2015-2806 | Mondoo Vulnerability Intelligence