VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Jun 5, 2014· Updated May 6, 2026

CVE-2014-3467

CVE-2014-3467

Description

Multiple unspecified vulnerabilities in the DER decoder in GNU Libtasn1 before 3.6, as used in GnuTLS, allow remote attackers to cause a denial of service (out-of-bounds read) via crafted ASN.1 data.

Affected products

35
  • GNU/Gnutls
    cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*
    Range: <3.5.7
  • GNU/Libtasn1
    cpe:2.3:a:gnu:libtasn1:*:*:*:*:*:*:*:*
    Range: <3.6
  • Red Hat/Virtualization
    cpe:2.3:a:redhat:virtualization:6.0:*:*:*:*:*:*:*
  • Debian/Debian Linux
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Desktop3 versions
    cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Eus6 versions
    cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:o:redhat:enterprise_linux_eus:6.5:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Server3 versions
    cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Server Aus5 versions
    cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Server Tus4 versions
    cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:o:redhat:enterprise_linux_server_tus:6.5:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
  • Red Hat/Enterprise Linux Workstation3 versions
    cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
  • SUSE S.A./Linux Enterprise Desktop
    cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
  • SUSE S.A./Linux Enterprise High Availability Extension
    cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*
  • SUSE S.A./Linux Enterprise Server4 versions
    cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*+ 3 more
    • cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*
    • cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
    • cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*
    • cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
  • SUSE S.A./Linux Enterprise Software Development Kit
    cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

24

News mentions

0

No linked articles in our index yet.