PT-2018-2951 · Rsa · Emc Rsa Bsafe Micro Edition Suite+1

Publicado

2018-08-28

·

Atualizado

2022-04-18

·

CVE-2018-11058

CVSS v3.1

10

Crítica

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions RSA BSAFE Micro Edition Suite versions prior to 4.0.11 RSA BSAFE Micro Edition Suite versions prior to 4.1.6 RSA BSAFE Crypto-C Micro Edition version prior to 4.0.5.3
Description The issue is caused by a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data to exploit this issue, potentially allowing the execution of arbitrary code in the context of the current user.
Recommendations For RSA BSAFE Micro Edition Suite versions prior to 4.0.11, update to version 4.0.11 or later. For RSA BSAFE Micro Edition Suite versions prior to 4.1.6, update to version 4.1.6 or later. For RSA BSAFE Crypto-C Micro Edition version prior to 4.0.5.3, update to version 4.0.5.3 or later.

Correção

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

BDU:2019-02722
CVE-2018-11058

Produtos afetados

Rsa Bsafe Crypto-C Micro Edition
Emc Rsa Bsafe Micro Edition Suite