Debian Security Advisory

DLA-195-1 libtasn1-3 -- LTS security update

Date Reported:
12 Apr 2015
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2015-2806.
More information:

Hanno Boeck discovered a stack-based buffer overflow in the asn1_der_decoding function in Libtasn1, a library to manage ASN.1 structures. A remote attacker could take advantage of this flaw to cause an application using the Libtasn1 library to crash, or potentially to execute arbitrary code.