Numeric Errors
CVE-2016-4574
Summary
Off-by-one error in the append_utf8_value function in the DN decoder (dn.c) in Libksba before 1.3.4 allows remote attackers to cause a denial of service (out-of-bounds read) via invalid utf-8 encoded data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-4356.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- NONE
- HIGH
CWE-189 - Numeric Errors
Weaknesses in this category are related to improper calculation or conversion of numbers.
References
Advisory Timeline
- Published