GnuTLS 'libdane/dane.c' CVE-2013-4487 Incomplete Fix Remote Buffer Overflow Vulnerability

GnuTLS is prone to a remote buffer-overflow vulnerability due to an off-by-one error in the 'libdane' library.

Attackers may leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.

Versions prior to GnuTLS 3.1.16 and 3.2.6 are vulnerable.

Note: This issue is the result of an incomplete fix for the issue described in BID 63326 (GnuTLS CVE-2013-4466 'libdane/dane.c' Remote Buffer Overflow Vulnerability).


 

Privacy Statement
Copyright 2010, SecurityFocus