CVE-2013-6747

high

Description

IBM GSKit 7.x before 7.0.4.48 and 8.x before 8.0.50.16, as used in IBM Security Directory Server (ISDS) and Tivoli Directory Server (TDS), allows remote attackers to cause a denial of service (application crash or hang) via a malformed X.509 certificate chain.

References

http://osvdb.org/102556

http://secunia.com/advisories/56698

http://secunia.com/advisories/56699

http://www.securitytracker.com/id/1029687

http://www-01.ibm.com/support/docview.wss?uid=swg21662902

http://www-01.ibm.com/support/docview.wss?uid=swg21669554

http://www-01.ibm.com/support/docview.wss?uid=swg21676091

http://www-01.ibm.com/support/docview.wss?uid=swg21676092

https://exchange.xforce.ibmcloud.com/vulnerabilities/89863

Details

Source: MITRE

Published: 2014-01-27

Updated: 2017-08-29

Type: CWE-20

Risk Information

CVSS v2

Base Score: 7.1

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 8.6

Severity: HIGH