PT-2015-4701 · Rsa+1 · Rsa Bsafe Ssl-J+2

Published: 2015-08-20 · Updated: 2021-12-14 · CVE-2015-0537

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

EMC RSA BSAFE Micro Edition Suite (MES) versions 4.0.x through 4.0.7
EMC RSA BSAFE Micro Edition Suite (MES) versions 4.1.x through 4.1.2
RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) versions prior to 4.0.4
RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) version 4.1
RSA BSAFE SSL-C versions prior to 2.8.10

Description

The issue is related to an integer underflow in the base64-decoding implementation, which allows remote attackers to cause a denial of service, such as memory corruption or a segmentation fault, via crafted base64 data.

Recommendations

For EMC RSA BSAFE Micro Edition Suite (MES) versions 4.0.x through 4.0.7, update to version 4.0.8 or later.
For EMC RSA BSAFE Micro Edition Suite (MES) versions 4.1.x through 4.1.2, update to version 4.1.3 or later.
For RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) versions prior to 4.0.4, update to version 4.0.4 or later.
For RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) version 4.1, update to a version later than 4.1.
For RSA BSAFE SSL-C versions prior to 2.8.10, update to version 2.8.10 or later.

Fix

Integer Underflow

Weakness Enumeration

Related Identifiers

CVE-2015-0537

Affected Products

Emc Rsa Bsafe Micro Edition Suite
Rsa Bsafe Crypto-C Micro Edition
Rsa Bsafe Ssl-J