CVE-2015-0537

CWE-1913 documents3 sources
Severity
9.8CRITICAL
EPSS
2.3%
top 15.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Dell BsafeDell Bsafe Crypto-cDell Bsafe Ssl-c
Timeline
PublishedAug 20
Latest updateMay 13

Description

Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) before 4.0.4 and 4.1, and RSA BSAFE SSL-C 2.8.9 and earlier allows remote attackers to cause a denial of service (memory corruption or segmentation fault) or possibly have unspecified other impact via crafted base64 data, a similar issue to CVE-2015-0292.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

NVDdell/bsafe_crypto-c< 4.0.4
NVDdell/bsafe4.0.04.0.8+1
NVDdell/bsafe_ssl-c2.8.9

🔴Vulnerability Details

2
GHSA
GHSA-45w8-hp4w-6fr6: Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 42022-05-13
CVEList
CVE-2015-0537: Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 42015-08-20
CVE-2015-0537 (CRITICAL CVSS 9.8) | Integer underflow in the base64-dec | cvebase.io