CVE-2019-3729

RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, 4.2.x and 4.3.x) are vulnerable to a Heap-based Buffer Overflow vulnerability when parsing ECDSA signature. A malicious user with adjacent network access could potentially exploit this vulnerability to cause a crash in the library of the affected system.
References
Link Resource
https://www.dell.com/support/kbdoc/000194054 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*
cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*

History

12 Apr 2022, 18:40

Type Values Removed Values Added
References (MISC) https://www.dell.com/support/kbdoc/000194054 - (MISC) https://www.dell.com/support/kbdoc/000194054 - Vendor Advisory

04 Feb 2022, 23:15

Type Values Removed Values Added
References
  • {'url': 'https://www.dell.com/support/security/en-us/details/DOC-107000/DSA-2019-079-RSA-BSAFE®-Crypto-C-Micro-Edition-and-Micro-Edition-Suite-Multiple-Security-Vulnerab', 'name': 'https://www.dell.com/support/security/en-us/details/DOC-107000/DSA-2019-079-RSA-BSAFE®-Crypto-C-Micro-Edition-and-Micro-Edition-Suite-Multiple-Security-Vulnerab', 'tags': ['Third Party Advisory'], 'refsource': 'MISC'}
  • (MISC) https://www.dell.com/support/kbdoc/000194054 -

09 Dec 2021, 18:21

Type Values Removed Values Added
CPE cpe:2.3:a:dell:bsafe:*:*:*:*:micro_edition_suite:*:*:* cpe:2.3:a:dell:bsafe_micro-edition-suite:*:*:*:*:*:*:*:*

30 Nov 2021, 17:25

Type Values Removed Values Added
CPE cpe:2.3:a:emc:rsa_bsafe:*:*:*:*:micro_edition_suite:*:*:* cpe:2.3:a:dell:bsafe:*:*:*:*:micro_edition_suite:*:*:*

29 Oct 2021, 19:54

Type Values Removed Values Added
CWE CWE-120 CWE-787

Information

Published : 2019-09-30 22:15

Updated : 2024-02-04 20:39


NVD link : CVE-2019-3729

Mitre link : CVE-2019-3729

CVE.ORG link : CVE-2019-3729


JSON object : View

Products Affected

dell

  • bsafe_micro-edition-suite
CWE
CWE-787

Out-of-bounds Write

CWE-121

Stack-based Buffer Overflow