FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gnutls -- client-side memory corruption

Affected packages
3.1 <= gnutls3 < 3.1.25

Details

VuXML ID 027af74d-eb56-11e3-9032-000c2980a9f3
Discovery 2014-05-14
Entry 2014-06-03

GnuTLS project reports:

This vulnerability affects the client side of the gnutls library. A server that sends a specially crafted ServerHello could corrupt the memory of a requesting client.

References

CVE Name CVE-2014-3466
URL http://www.gnutls.org/security.html#GNUTLS-SA-2014-3