CVE-2018-11056
31.08.2018, 18:29
RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would exhaust the stack, potentially causing a Denial Of Service.Enginsight| Vendor | Product | Version |
|---|---|---|
| dell | bsafe | 4.1.0 ≤ 𝑥 < 4.1.6.1 |
| dell | bsafe_crypto-c | 4.0.0 ≤ 𝑥 < 4.0.5.3 |
| oracle | application_testing_suite | 13.3.0.1 |
| oracle | communications_analytics | 12.1.1 |
| oracle | communications_ip_service_activator | 7.3.0 |
| oracle | communications_ip_service_activator | 7.4.0 |
| oracle | core_rdbms | 11.2.0.4 |
| oracle | core_rdbms | 12.1.0.2 |
| oracle | core_rdbms | 12.2.0.1 |
| oracle | enterprise_manager_ops_center | 12.3.3 |
| oracle | enterprise_manager_ops_center | 12.4.0 |
| oracle | goldengate_application_adapters | 12.3.2.1.0 |
| oracle | jd_edwards_enterpriseone_tools | 9.2 |
| oracle | real_user_experience_insight | 13.1.2.1 |
| oracle | real_user_experience_insight | 13.2.3.1 |
| oracle | real_user_experience_insight | 13.3.1.0 |
| oracle | retail_predictive_application_server | 15.0.3 |
| oracle | retail_predictive_application_server | 16.0.3.0 |
| oracle | security_service | 11.1.1.9.0 |
| oracle | security_service | 12.1.3.0.0 |
| oracle | security_service | 12.2.1.3.0 |
| oracle | timesten_in-memory_database | 𝑥 < 18.1.4.1.0 |
𝑥
= Vulnerable software versions
References