CyberSec.Space Logo
Back to CVE Browser

CVE-2004-2645

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0950%
EPSS Percentile44.24th
PublishedDec 31, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "CHOICE" types with "indefinite length structures."

Affected Platforms (CPE)

πŸ“¦
Asn.1 Compiler

Asn.1 Compiler

= 0.9.4
πŸ“¦
Asn.1 Compiler

Asn.1 Compiler

= 0.9.5
πŸ“¦
Asn.1 Compiler

Asn.1 Compiler

= 0.9.6

References & Advisories

πŸ”— http://secunia.com/advisories/12794
πŸ”— http://securitytracker.com/id?1011622
πŸ”— http://sourceforge.net/project/shownotes.php?group_id=103893&release_id=274592
πŸ”— http://www.osvdb.org/10684
πŸ”— http://www.securityfocus.com/bid/11370
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/17696
πŸ”— http://secunia.com/advisories/12794
πŸ”— http://securitytracker.com/id?1011622

Related Vulnerabilities

CVE-2004-08495.0

Integer overflow in the asn_decode_string() function defined in asn1.c in radiusd for GNU Radius 1.1 and 1.2 before 1.2.94, when c...

CVE-2004-105010.0

Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME a...

CVE-2004-022010.0

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert...

CVE-2004-036810.0

Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbi...