CVE-2015-2806
libtasn1-3 - security update
EPSS 9.3%
Description
Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.
How to fix CVE-2015-2806
To remediate CVE-2015-2806, upgrade the affected package to a fixed version below.
- Debian/libtasn1-3—upgrade to 2.7-1+squeeze+3 or later
- Debian/libtasn1-3—upgrade to 2.13-2+deb7u2 or later
- Debian/libtasn1-6—upgrade to 4.2-3 or later
Is CVE-2015-2806 being exploited?
Moderate — EPSS is 9.3%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (3)
- from 0, < 2.7-1+squeeze+3
- from 0, < 2.13-2+deb7u2
- from 0, < 4.2-3