FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gnutls -- client-side memory corruption

Affected packages
gnutls < 2.12.23_6

Details

VuXML ID 9733c480-ebff-11e3-970b-206a8a720317
Discovery 2014-05-14
Entry 2014-06-04

GnuTLS project reports:

This vulnerability affects the client side of the gnutls library. A server that sends a specially crafted ServerHello could corrupt the memory of a requesting client.

References

CVE Name CVE-2014-3466
URL http://www.gnutls.org/security.html#GNUTLS-SA-2014-3