Asn1C
Monthly
Heap out-of-bounds read in mouse07410/asn1c versions 1.4 and earlier allows remote attackers to crash applications or corrupt integer parsing logic by sending a zero-length OER payload for a variable-length non-negative INTEGER type. The generated INTEGER_oer.c skeleton extracts the Most Significant Bit without validating input length, and because asn1c-generated parsers are commonly deployed in V2X, 5G telecom, and X.509 stacks, the impact extends into safety- and identity-critical pipelines. No public exploit identified at time of analysis, but the trivial trigger condition makes weaponization straightforward.
The asn1f_lookup_symbol_impl function in asn1fix_retrieve.c in libasn1fix.a in asn1c 0.9.28 allows remote attackers to cause a denial of service (segmentation fault) via a crafted .asn1 file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Integer overflow in the rtxMemHeapAlloc function in asn1rt_a.lib in Objective Systems ASN1C for C/C++ before 7.0.2 allows context-dependent attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Heap out-of-bounds read in mouse07410/asn1c versions 1.4 and earlier allows remote attackers to crash applications or corrupt integer parsing logic by sending a zero-length OER payload for a variable-length non-negative INTEGER type. The generated INTEGER_oer.c skeleton extracts the Most Significant Bit without validating input length, and because asn1c-generated parsers are commonly deployed in V2X, 5G telecom, and X.509 stacks, the impact extends into safety- and identity-critical pipelines. No public exploit identified at time of analysis, but the trivial trigger condition makes weaponization straightforward.
The asn1f_lookup_symbol_impl function in asn1fix_retrieve.c in libasn1fix.a in asn1c 0.9.28 allows remote attackers to cause a denial of service (segmentation fault) via a crafted .asn1 file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Integer overflow in the rtxMemHeapAlloc function in asn1rt_a.lib in Objective Systems ASN1C for C/C++ before 7.0.2 allows context-dependent attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.