CVE-2018-11054 - 漏洞详情

CVE-2018-11054 (CNNVD-201809-067)

HIGH

中文标题:

DELL RSA BSAFE Micro Edition Suite 输入验证错误漏洞

英文标题:

RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote a...

CVSS分数: 7.5

发布时间: 2018-08-31 18:00:00

漏洞类型: 输入验证错误

状态: PUBLISHED

数据质量分数: 0.30

数据版本: v3

漏洞描述

中文描述:

DELL RSA BSAFE Micro Edition Suite是美国戴尔（DELL）公司的一款加密工具包。 RSA BSAFE Micro Edition Suite 4.1.6版本中存在输入验证错误漏洞。远程攻击者可通过使用恶意构造的ASN.1数据利用该漏洞造成拒绝服务。

英文描述:

RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service.

CWE类型:

CWE-190

受影响产品

厂商	产品	版本	版本范围	平台	CPE
RSA	BSAFE Micro Edition Suite	4.1.6	-	-	`cpe:2.3:a:rsa:bsafe_micro_edition_suite:4.1.6:::::::*`
dell	bsafe	4.1.6	-	-	`cpe:2.3:a:dell:bsafe:4.1.6::::micro_edition_suite:::`
oracle	application_testing_suite	13.3.0.1	-	-	`cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:::::::*`
oracle	communications_analytics	12.1.1	-	-	`cpe:2.3:a:oracle:communications_analytics:12.1.1:::::::*`
oracle	communications_ip_service_activator	7.3.4	-	-	`cpe:2.3:a:oracle:communications_ip_service_activator:7.3.4:::::::*`
oracle	communications_ip_service_activator	7.4.0	-	-	`cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:::::::*`
oracle	core_rdbms	11.2.0.4	-	-	`cpe:2.3:a:oracle:core_rdbms:11.2.0.4:::::::*`
oracle	core_rdbms	12.1.0.2	-	-	`cpe:2.3:a:oracle:core_rdbms:12.1.0.2:::::::*`
oracle	core_rdbms	12.2.0.1	-	-	`cpe:2.3:a:oracle:core_rdbms:12.2.0.1:::::::*`
oracle	core_rdbms	18c	-	-	`cpe:2.3:a:oracle:core_rdbms:18c:::::::*`
oracle	core_rdbms	19c	-	-	`cpe:2.3:a:oracle:core_rdbms:19c:::::::*`
oracle	enterprise_manager_ops_center	12.3.3	-	-	`cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:::::::*`
oracle	enterprise_manager_ops_center	12.4.0	-	-	`cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:::::::*`
oracle	goldengate_application_adapters	12.3.2.1.0	-	-	`cpe:2.3:a:oracle:goldengate_application_adapters:12.3.2.1.0:::::::*`
oracle	jd_edwards_enterpriseone_tools	9.2	-	-	`cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:::::::*`
oracle	real_user_experience_insight	13.1.2.1	-	-	`cpe:2.3:a:oracle:real_user_experience_insight:13.1.2.1:::::::*`
oracle	real_user_experience_insight	13.2.3.1	-	-	`cpe:2.3:a:oracle:real_user_experience_insight:13.2.3.1:::::::*`
oracle	real_user_experience_insight	13.3.1.0	-	-	`cpe:2.3:a:oracle:real_user_experience_insight:13.3.1.0:::::::*`
oracle	retail_predictive_application_server	15.0.3	-	-	`cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:::::::*`
oracle	retail_predictive_application_server	16.0.3	-	-	`cpe:2.3:a:oracle:retail_predictive_application_server:16.0.3:::::::*`
oracle	security_service	11.1.1.9.0	-	-	`cpe:2.3:a:oracle:security_service:11.1.1.9.0:::::::*`
oracle	security_service	12.1.3.0.0	-	-	`cpe:2.3:a:oracle:security_service:12.1.3.0.0:::::::*`
oracle	security_service	12.2.1.2.0	-	-	`cpe:2.3:a:oracle:security_service:12.2.1.2.0:::::::*`
oracle	timesten_in-memory_database	*	-	-	`cpe:2.3:a:oracle:timesten_in-memory_database::::::::`

解决方案

中文解决方案:

（暂无数据）

英文解决方案:

（暂无数据）

临时解决方案:

（暂无数据）

参考链接

20180828 DSA-2018-128: RSA BSAFE Micro Edition Suite and Crypto-C Micro Edition Multiple Security Vulnerabilities mailing-list
cve.org

访问