Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-11056 | 2 Dell, Oracle | 13 Bsafe, Bsafe Crypto-c, Application Testing Suite and 10 more | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would exhaust the stack, potentially causing a Denial Of Service. | |||||
CVE-2018-11058 | 2 Dell, Oracle | 13 Bsafe, Bsafe Crypto-c, Application Testing Suite and 10 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would result in such issue. | |||||
CVE-2015-0537 | 1 Dell | 3 Bsafe, Bsafe Crypto-c, Bsafe Ssl-c | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) before 4.0.4 and 4.1, and RSA BSAFE SSL-C 2.8.9 and earlier allows remote attackers to cause a denial of service (memory corruption or segmentation fault) or possibly have unspecified other impact via crafted base64 data, a similar issue to CVE-2015-0292. | |||||
CVE-2006-3894 | 1 Dell | 2 Bsafe Cert-c, Bsafe Crypto-c | 2024-02-04 | 5.0 MEDIUM | N/A |
The RSA Crypto-C before 6.3.1 and Cert-C before 2.8 libraries, as used by RSA BSAFE, multiple Cisco products, and other products, allows remote attackers to cause a denial of service via malformed ASN.1 objects. |