CVE-2012-1663

Gnutls < 3.0.13 - Resource Management Error

Title source: rule

Description

Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted certificate list.

Exploits (1)

exploitdb WRITEUP

by Shawn the R0ck · textdoslinux

https://www.exploit-db.com/exploits/24865

View Code ZIP pw:eip

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/74099

Exploit, Third Party Advisory exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/24865

Patch mailing-list x_refsource_mlist

http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5866

Scores

EPSS 0.0106

EPSS Percentile 77.8%

Details

CWE

CWE-399

Status published

Products (50)

gnu/gnutls 1.0.16

gnu/gnutls 1.0.17

gnu/gnutls 1.0.18

gnu/gnutls 1.0.19

gnu/gnutls 1.0.20

gnu/gnutls 1.0.21

gnu/gnutls 1.0.22

gnu/gnutls 1.0.23

gnu/gnutls 1.0.24

gnu/gnutls 1.0.25

... and 40 more

Published Mar 13, 2012

Tracked Since Feb 18, 2026