CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-17362

In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in der_decode_utf8_string.c) does not properly detect certain invalid UTF-8 sequences. This allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) or read information from other memory locations via carefully crafted DER-encoded data.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.2%

CVSS Severity

CVSS v3 Score 9.1

CVSS v2 Score 6.4

References

Products affected by CVE-2019-17362

Libtom » Libtomcrypt » Version: 0.75

cpe:2.3:a:libtom:libtomcrypt:0.75
Libtom » Libtomcrypt » Version: 0.76

cpe:2.3:a:libtom:libtomcrypt:0.76
Libtom » Libtomcrypt » Version: 0.77

cpe:2.3:a:libtom:libtomcrypt:0.77
Libtom » Libtomcrypt » Version: 0.78

cpe:2.3:a:libtom:libtomcrypt:0.78
Libtom » Libtomcrypt » Version: 0.79

cpe:2.3:a:libtom:libtomcrypt:0.79
Libtom » Libtomcrypt » Version: 0.80

cpe:2.3:a:libtom:libtomcrypt:0.80
Libtom » Libtomcrypt » Version: 0.81

cpe:2.3:a:libtom:libtomcrypt:0.81
Libtom » Libtomcrypt » Version: 0.82

cpe:2.3:a:libtom:libtomcrypt:0.82
Libtom » Libtomcrypt » Version: 0.83

cpe:2.3:a:libtom:libtomcrypt:0.83
Libtom » Libtomcrypt » Version: 0.84

cpe:2.3:a:libtom:libtomcrypt:0.84
Libtom » Libtomcrypt » Version: 0.85

cpe:2.3:a:libtom:libtomcrypt:0.85
Libtom » Libtomcrypt » Version: 0.86

cpe:2.3:a:libtom:libtomcrypt:0.86
Libtom » Libtomcrypt » Version: 0.87

cpe:2.3:a:libtom:libtomcrypt:0.87
Libtom » Libtomcrypt » Version: 0.88

cpe:2.3:a:libtom:libtomcrypt:0.88
Libtom » Libtomcrypt » Version: 0.89

cpe:2.3:a:libtom:libtomcrypt:0.89
Libtom » Libtomcrypt » Version: 0.90

cpe:2.3:a:libtom:libtomcrypt:0.90
Libtom » Libtomcrypt » Version: 0.91

cpe:2.3:a:libtom:libtomcrypt:0.91
Libtom » Libtomcrypt » Version: 0.92

cpe:2.3:a:libtom:libtomcrypt:0.92
Libtom » Libtomcrypt » Version: 0.93

cpe:2.3:a:libtom:libtomcrypt:0.93
Libtom » Libtomcrypt » Version: 0.94

cpe:2.3:a:libtom:libtomcrypt:0.94
Libtom » Libtomcrypt » Version: 0.95

cpe:2.3:a:libtom:libtomcrypt:0.95
Libtom » Libtomcrypt » Version: 0.96

cpe:2.3:a:libtom:libtomcrypt:0.96
Libtom » Libtomcrypt » Version: 0.97

cpe:2.3:a:libtom:libtomcrypt:0.97
Libtom » Libtomcrypt » Version: 0.98

cpe:2.3:a:libtom:libtomcrypt:0.98
Libtom » Libtomcrypt » Version: 0.99

cpe:2.3:a:libtom:libtomcrypt:0.99
Libtom » Libtomcrypt » Version: 1.00

cpe:2.3:a:libtom:libtomcrypt:1.00
Libtom » Libtomcrypt » Version: 1.01

cpe:2.3:a:libtom:libtomcrypt:1.01
Libtom » Libtomcrypt » Version: 1.02

cpe:2.3:a:libtom:libtomcrypt:1.02
Libtom » Libtomcrypt » Version: 1.03

cpe:2.3:a:libtom:libtomcrypt:1.03
Libtom » Libtomcrypt » Version: 1.04

cpe:2.3:a:libtom:libtomcrypt:1.04
Libtom » Libtomcrypt » Version: 1.05

cpe:2.3:a:libtom:libtomcrypt:1.05
Libtom » Libtomcrypt » Version: 1.06

cpe:2.3:a:libtom:libtomcrypt:1.06
Libtom » Libtomcrypt » Version: 1.07

cpe:2.3:a:libtom:libtomcrypt:1.07
Libtom » Libtomcrypt » Version: 1.08

cpe:2.3:a:libtom:libtomcrypt:1.08
Libtom » Libtomcrypt » Version: 1.09

cpe:2.3:a:libtom:libtomcrypt:1.09
Libtom » Libtomcrypt » Version: 1.10

cpe:2.3:a:libtom:libtomcrypt:1.10
Libtom » Libtomcrypt » Version: 1.11

cpe:2.3:a:libtom:libtomcrypt:1.11
Libtom » Libtomcrypt » Version: 1.12

cpe:2.3:a:libtom:libtomcrypt:1.12
Libtom » Libtomcrypt » Version: 1.13

cpe:2.3:a:libtom:libtomcrypt:1.13
Libtom » Libtomcrypt » Version: 1.14

cpe:2.3:a:libtom:libtomcrypt:1.14
Libtom » Libtomcrypt » Version: 1.15

cpe:2.3:a:libtom:libtomcrypt:1.15
Libtom » Libtomcrypt » Version: 1.16

cpe:2.3:a:libtom:libtomcrypt:1.16
Libtom » Libtomcrypt » Version: 1.17

cpe:2.3:a:libtom:libtomcrypt:1.17
Libtom » Libtomcrypt » Version: 1.18.0

cpe:2.3:a:libtom:libtomcrypt:1.18.0
Libtom » Libtomcrypt » Version: 1.18.1

cpe:2.3:a:libtom:libtomcrypt:1.18.1
Libtom » Libtomcrypt » Version: 1.18.2

cpe:2.3:a:libtom:libtomcrypt:1.18.2
Debian » Debian Linux » Version: 8.0

cpe:2.3:o:debian:debian_linux:8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-17362

Products

Pricing

Contact Us