CVE-2018-11054

HIGH

RSA BSAFE Micro Edition Suite 4.1.6 - Denial of Service via ASN.1 Integer Overflow

Title source: llm

Description

RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service.

References (6)

Core 6

Core References

Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc

http://seclists.org/fulldisclosure/2018/Aug/46

Patch, Third Party Advisory x_refsource_misc

https://www.oracle.com/security-alerts/cpuapr2020.html

Patch, Third Party Advisory x_refsource_misc

https://www.oracle.com/security-alerts/cpujul2020.html

Patch, Third Party Advisory x_refsource_misc

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Patch, Third Party Advisory x_refsource_misc

https://www.oracle.com/security-alerts/cpujan2020.html

Patch, Third Party Advisory x_refsource_misc

https://www.oracle.com/security-alerts/cpuoct2020.html

Scores

CVSS v3 7.5

EPSS 0.0235

EPSS Percentile 85.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-190

Status published

Products (23)

dell/bsafe 4.1.6

oracle/application_testing_suite 13.3.0.1

oracle/communications_analytics 12.1.1

oracle/communications_ip_service_activator 7.3.4

oracle/communications_ip_service_activator 7.4.0

oracle/core_rdbms 11.2.0.4

oracle/core_rdbms 12.1.0.2

oracle/core_rdbms 12.2.0.1

oracle/core_rdbms 18c

oracle/core_rdbms 19c

... and 13 more

Published Aug 31, 2018

Tracked Since Feb 18, 2026