ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.3.0-3ubuntu0.14.04.2", "binary_name": "libksba-dev" }, { "binary_version": "1.3.0-3ubuntu0.14.04.2", "binary_name": "libksba8" }, { "binary_version": "1.3.0-3ubuntu0.14.04.2", "binary_name": "libksba8-dbgsym" } ] }