Vulnerability Description
The libksba library 0.9.12 and possibly other versions, as used by gpgsm in the newpg package on SUSE LINUX, allows attackers to cause a denial of service (application crash) via a malformed X.509 certificate in a signature.
CVSS Score
5.0 (MEDIUM)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Libksba Library | Libksba Library | 0.9.12 |
References
- http://secunia.com/advisories/22423
- http://secunia.com/advisories/22445
- http://secunia.com/advisories/22473
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:183
- http://www.novell.com/linux/download/updates/101_x86_64.html (Patch)
- http://www.novell.com/linux/security/advisories/2006_23_sr.html (Patch, Vendor Advisory)
- http://www.securityfocus.com/bid/20565
- http://www.ubuntu.com/usn/usn-365-1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29621
FAQ
What is CVE-2006-5111?
CVE-2006-5111 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The libksba library 0.9.12 and possibly other versions, as used by gpgsm in the newpg package on SUSE LINUX, allows attackers to cause a denial of service (application crash) via a malformed X.509 cer...
How severe is CVE-2006-5111?
CVE-2006-5111 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2006-5111?
Check the references section above for vendor advisories and patch information. Affected products include: Libksba Library.