Debian Security Advisory
DLA-195-1 libtasn1-3 -- LTS security update
- Date Reported:
- 12 Apr 2015
- Affected Packages:
- libtasn1-3
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2015-2806.
- More information:
-
Hanno Boeck discovered a stack-based buffer overflow in the asn1_der_decoding function in Libtasn1, a library to manage ASN.1 structures. A remote attacker could take advantage of this flaw to cause an application using the Libtasn1 library to crash, or potentially to execute arbitrary code.