CVE-2016-2195

Integer overflow in the PointGFp constructor in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to overwrite memory and possibly execute arbitrary code via a crafted ECC point, which triggers a heap-based buffer overflow.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
VendorProductVersion
botan_projectbotan
𝑥
≤ 1.10.10
botan_projectbotan
1.11.0
botan_projectbotan
1.11.1
botan_projectbotan
1.11.2
botan_projectbotan
1.11.3
botan_projectbotan
1.11.4
botan_projectbotan
1.11.5
botan_projectbotan
1.11.6
botan_projectbotan
1.11.7
botan_projectbotan
1.11.8
botan_projectbotan
1.11.9
botan_projectbotan
1.11.10
botan_projectbotan
1.11.11
botan_projectbotan
1.11.12
botan_projectbotan
1.11.13
botan_projectbotan
1.11.14
botan_projectbotan
1.11.15
botan_projectbotan
1.11.16
botan_projectbotan
1.11.17
botan_projectbotan
1.11.18
botan_projectbotan
1.11.19
botan_projectbotan
1.11.20
botan_projectbotan
1.11.21
botan_projectbotan
1.11.22
botan_projectbotan
1.11.23
botan_projectbotan
1.11.24
botan_projectbotan
1.11.25
botan_projectbotan
1.11.26
debiandebian_linux
8.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
botan1.10
zesty
not-affected
yakkety
not-affected
xenial
not-affected
wily
ignored
trusty
Fixed 1.10.5-1+deb7u1ubuntu0.14.04.1
released
precise
ignored
Common Weakness Enumeration
References
http://botan.randombit.net/security.html
http://marc.info/?l=botan-devel&m=145435148602911&w=2
http://www.debian.org/security/2016/dsa-3565
https://security.gentoo.org/glsa/201612-38
http://botan.randombit.net/security.html
http://marc.info/?l=botan-devel&m=145435148602911&w=2
http://www.debian.org/security/2016/dsa-3565
https://security.gentoo.org/glsa/201612-38