1. CVE-Search
  2. CVE-2015-0537
ID CVE-2015-0537
Summary Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) before 4.0.4 and 4.1, and RSA BSAFE SSL-C 2.8.9 and earlier allows remote attackers to cause a denial of service (memory corruption or segmentation fault) or possibly have unspecified other impact via crafted base64 data, a similar issue to CVE-2015-0292.
References
Vulnerable Configurations
  • cpe:2.3:a:dell:bsafe:4.0.0:*:*:*:micro_edition_suite:*:*:*
    cpe:2.3:a:dell:bsafe:4.0.0:*:*:*:micro_edition_suite:*:*:*
  • cpe:2.3:a:dell:bsafe:4.0.1:*:*:*:micro_edition_suite:*:*:*
    cpe:2.3:a:dell:bsafe:4.0.1:*:*:*:micro_edition_suite:*:*:*
  • cpe:2.3:a:dell:bsafe:4.0.2:*:*:*:micro_edition_suite:*:*:*
    cpe:2.3:a:dell:bsafe:4.0.2:*:*:*:micro_edition_suite:*:*:*
  • cpe:2.3:a:dell:bsafe:4.0.3:*:*:*:micro_edition_suite:*:*:*
    cpe:2.3:a:dell:bsafe:4.0.3:*:*:*:micro_edition_suite:*:*:*
  • cpe:2.3:a:dell:bsafe:4.0.4:*:*:*:micro_edition_suite:*:*:*
    cpe:2.3:a:dell:bsafe:4.0.4:*:*:*:micro_edition_suite:*:*:*
  • cpe:2.3:a:dell:bsafe:4.0.5:*:*:*:micro_edition_suite:*:*:*
    cpe:2.3:a:dell:bsafe:4.0.5:*:*:*:micro_edition_suite:*:*:*
  • cpe:2.3:a:dell:bsafe:4.0.5.3:*:*:*:micro_edition_suite:*:*:*
    cpe:2.3:a:dell:bsafe:4.0.5.3:*:*:*:micro_edition_suite:*:*:*
  • cpe:2.3:a:dell:bsafe:4.0.7:*:*:*:micro_edition_suite:*:*:*
    cpe:2.3:a:dell:bsafe:4.0.7:*:*:*:micro_edition_suite:*:*:*
  • cpe:2.3:a:dell:bsafe:4.1.0:*:*:*:micro_edition_suite:*:*:*
    cpe:2.3:a:dell:bsafe:4.1.0:*:*:*:micro_edition_suite:*:*:*
  • cpe:2.3:a:dell:bsafe:4.1.0.1:*:*:*:micro_edition_suite:*:*:*
    cpe:2.3:a:dell:bsafe:4.1.0.1:*:*:*:micro_edition_suite:*:*:*
  • cpe:2.3:a:dell:bsafe:4.1.1:*:*:*:micro_edition_suite:*:*:*
    cpe:2.3:a:dell:bsafe:4.1.1:*:*:*:micro_edition_suite:*:*:*
  • cpe:2.3:a:dell:bsafe:4.1.2:*:*:*:micro_edition_suite:*:*:*
    cpe:2.3:a:dell:bsafe:4.1.2:*:*:*:micro_edition_suite:*:*:*
  • cpe:2.3:a:dell:bsafe_crypto-c:*:*:*:*:micro_edition:*:*:*
    cpe:2.3:a:dell:bsafe_crypto-c:*:*:*:*:micro_edition:*:*:*
  • cpe:2.3:a:dell:bsafe_ssl-c:2.8:*:*:*:*:*:*:*
    cpe:2.3:a:dell:bsafe_ssl-c:2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:dell:bsafe_ssl-c:2.8.7:*:*:*:*:*:*:*
    cpe:2.3:a:dell:bsafe_ssl-c:2.8.7:*:*:*:*:*:*:*
  • cpe:2.3:a:dell:bsafe_ssl-c:2.8.9:*:*:*:*:*:*:*
    cpe:2.3:a:dell:bsafe_ssl-c:2.8.9:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 14-12-2021 - 16:02)
Impact:
Exploitability:
CWE CWE-191
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 76377
bugtraq 20150817 ESA-2015-081: RSA BSAFE Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, SSL-J and SSL-C Multiple Vulnerabilities
sectrack 1033299
Last major update 14-12-2021 - 16:02
Published 20-08-2015 - 10:59
Last modified 14-12-2021 - 16:02
Back to Top