CVE

Id
102157  
CVE No.
CVE-2017-5337  
Status
Candidate  
Description
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate.  
Phase
Assigned (20170110)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
804719 102157 CVE-2017-5337 MLIST:[oss-security] 20170110 CVE request: two advisories for GnuTLS GNUTLS-SA-2017-1, GNUTLS-SA-2017-2, fixed in 3.3.26, 3.5.8  View
804720 102157 CVE-2017-5337 URL:http://www.openwall.com/lists/oss-security/2017/01/10/7  View
804721 102157 CVE-2017-5337 MLIST:[oss-security] 20170110 Re: CVE request: two advisories for GnuTLS GNUTLS-SA-2017-1, GNUTLS-SA-2017-2, fixed in 3.3.26, 3.5.8  View
804722 102157 CVE-2017-5337 URL:http://www.openwall.com/lists/oss-security/2017/01/11/4  View
804723 102157 CVE-2017-5337 MISC:https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=338  View
804724 102157 CVE-2017-5337 MISC:https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=346  View
804725 102157 CVE-2017-5337 CONFIRM:https://gitlab.com/gnutls/gnutls/commit/94fcf1645ea17223237aaf8d19132e004afddc1a  View
804726 102157 CVE-2017-5337 CONFIRM:https://gnutls.org/security.html#GNUTLS-SA-2017-2  View
804727 102157 CVE-2017-5337 GENTOO:GLSA-201702-04  View
804728 102157 CVE-2017-5337 URL:https://security.gentoo.org/glsa/201702-04  View
804729 102157 CVE-2017-5337 SUSE:openSUSE-SU-2017:0386  View
804730 102157 CVE-2017-5337 URL:http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00005.html  View
804731 102157 CVE-2017-5337 BID:95372  View
804732 102157 CVE-2017-5337 URL:http://www.securityfocus.com/bid/95372  View
804733 102157 CVE-2017-5337 SECTRACK:1037576  View

Related JVN