Lucene search
GoogleOSV:CVE-2016-9132HistoryJan 30, 2017 - 10:59 p.m.
CVE-2016-9132
2017-01-3022:59:00
Google
osv.dev
7
In Botan 1.8.0 through 1.11.33, when decoding BER data an integer overflow could occur, which would cause an incorrect length field to be computed. Some API callers may use the returned (incorrect and attacker controlled) length field in a way which later causes memory corruption or other failure.
References
www.securityfocus.com/bid/95879
github.com/randombit/botan/commit/987ad747db6d0d7e36f840398f3cf02e2fbfd90f
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OUDGVRQYQUL7F5MRP3LAV7EHRJG4BBE/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2Y3JLMTE3VIV4X5X6SXVZTJBDDLCS3D/
Related
fedora
fedora
[SECURITY] Fedora 25 Update: botan-1.10.14-3.fc25
2016-12-22 16:50:20
[SECURITY] Fedora 24 Update: botan-1.10.14-3.fc24
2016-12-22 18:18:55
openvas
openvas
Fedora Update for botan FEDORA-2016-7de64a450f
2016-12-23 00:00:00
Fedora Update for botan FEDORA-2016-3b59109c48
2016-12-23 00:00:00
Debian: Security Advisory (DLA-786-1)
2023-03-08 00:00:00
debiancve
debiancve
CVE-2016-9132
2017-01-30 22:59:00
debian
debian
[SECURITY] [DLA 786-1] botan1.10 security update
2017-01-16 09:24:49
ubuntucve
ubuntucve
CVE-2016-9132
2017-01-30 00:00:00
osv
osv
botan1.10 - security update
2017-01-16 00:00:00
Botan-2.18.1-1.3 on GA media
2024-06-15 00:00:00
prion
prion
Integer overflow
2017-01-30 22:59:00
nvd
nvd
CVE-2016-9132
2017-01-30 22:59:00
nessus
nessus
Fedora 25 : botan (2016-3b59109c48)
2016-12-27 00:00:00
Debian DLA-786-1 : botan1.10 security update
2017-01-17 00:00:00
Fedora 24 : botan (2016-7de64a450f)
2016-12-27 00:00:00
cve
cve
CVE-2016-9132
2017-01-30 22:59:00
cvelist
cvelist
CVE-2016-9132
2017-01-30 22:00:00
mageia
mageia
Updated botan packages fix security vulnerabilities
2017-09-02 00:10:29