CVE-2006-3894

CWE-3994 documents4 sources

Severity

5.0MEDIUM

EPSS

12.3%

top 6.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell Bsafe Cert-c Dell Bsafe Crypto-c

Timeline

PublishedMay 22

Latest updateMay 1

Description

The RSA Crypto-C before 6.3.1 and Cert-C before 2.8 libraries, as used by RSA BSAFE, multiple Cisco products, and other products, allows remote attackers to cause a denial of service via malformed ASN.1 objects.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDdell/bsafe_cert-c2.7

▶NVDdell/bsafe_crypto-c6.3

🔴Vulnerability Details

GHSA

GHSA-m7g4-rpgq-jc74: The RSA Crypto-C before 6↗2022-05-01

▶

CVEList

CVE-2006-3894: The RSA Crypto-C before 6↗2007-05-22

▶

📋Vendor Advisories

Cisco

Vulnerability In Crypto Library↗2007-05-22

▶