CVE-2018-11056
published 2018-08-31CVE-2018-11056: RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would exhaust the stack, potentially causing a Denial Of Service.
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dell | bsafe | >= 4.1.0 < 4.1.6.1 | 4.1.6.1 |
| dell | bsafe_crypto-c | >= 4.0.0 < 4.0.5.3 | 4.0.5.3 |
| oracle | application_testing_suite | — | — |
| oracle | communications_analytics | — | — |
| oracle | communications_ip_service_activator | — | — |
| oracle | communications_ip_service_activator | — | — |
| oracle | core_rdbms | — | — |
| oracle | core_rdbms | — | — |
| oracle | core_rdbms | — | — |
| oracle | core_rdbms | — | — |
| oracle | core_rdbms | — | — |
| oracle | enterprise_manager_ops_center | — | — |
| oracle | enterprise_manager_ops_center | — | — |
| oracle | goldengate_application_adapters | — | — |
| oracle | jd_edwards_enterpriseone_tools | — | — |
| oracle | real_user_experience_insight | — | — |
| oracle | real_user_experience_insight | — | — |
| oracle | real_user_experience_insight | — | — |
| oracle | retail_predictive_application_server | — | — |
| oracle | retail_predictive_application_server | — | — |
| oracle | security_service | — | — |
| oracle | security_service | — | — |
| oracle | security_service | — | — |
| oracle | timesten_in-memory_database | < 18.1.4.1.0 | 18.1.4.1.0 |
| rsa | bsafe_crypto-c_micro_edition | >= unspecified < 4.0.5.3 | 4.0.5.3 |