CVE-2018-11058: RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to…

critical9.8CVSS 3.1

AVNACLPRNUINSUCHIHAH

RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would result in such issue.

Affected

28 ranges· showing 25

Vendor	Product	Version range	Fixed in
dell	bsafe	>= 4.0.0 < 4.0.11	4.0.11
dell	bsafe	>= 4.1.0 < 4.1.6	4.1.6
dell	bsafe_crypto-c	>= 4.0.0 < 4.0.5.3	4.0.5.3
oracle	application_testing_suite	—	—
oracle	communications_analytics	—	—
oracle	communications_ip_service_activator	—	—
oracle	communications_ip_service_activator	—	—
oracle	core_rdbms	—	—
oracle	core_rdbms	—	—
oracle	core_rdbms	—	—
oracle	core_rdbms	—	—
oracle	core_rdbms	—	—
oracle	enterprise_manager_ops_center	—	—
oracle	enterprise_manager_ops_center	—	—
oracle	goldengate_application_adapters	—	—
oracle	jd_edwards_enterpriseone_tools	—	—
oracle	real_user_experience_insight	—	—
oracle	real_user_experience_insight	—	—
oracle	real_user_experience_insight	—	—
oracle	retail_predictive_application_server	—	—
oracle	retail_predictive_application_server	—	—
oracle	security_service	—	—
oracle	security_service	—	—
oracle	security_service	—	—
oracle	timesten_in-memory_database	< 18.1.4.1.0	18.1.4.1.0