NULL pointer dereference vulnerability in gnutls_x509_dn_oid_name function in GnuTLS

NULL pointer dereference vulnerability in gnutls_x509_dn_oid_name function in GnuTLS

CVE-2014-3465 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The gnutls_x509_dn_oid_name function in lib/x509/common.c in GnuTLS 3.0 before 3.1.20 and 3.2.x before 3.2.10 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted X.509 certificate, related to a missing LDAP description for an OID when printing the DN.

Learn more about our Web Application Penetration Testing UK.