CVE-2014-9087

Name of the Vulnerable Software and Affected Versions Libksba versions prior to 1.3.2

Description The issue allows remote attackers to cause a denial of service (crash) via a crafted OID in a S/MIME message or ECC based OpenPGP data, which triggers a buffer overflow. This occurs due to an integer underflow in the ksba oid to str function.

Recommendations For versions prior to 1.3.2, update to version 1.3.2 or later to resolve the issue. As a temporary workaround, consider restricting the processing of S/MIME messages and ECC based OpenPGP data to minimize the risk of exploitation.