Endpoint Vulnerability

Buffer underflow when generating CRMF requests

Description

Security researcher Nils used the Address Sanitizer to discover a use-after-free problem when generating a Certificate Request Message Format (CRMF) request with certain parameters. This causes a potentially exploitable crash.

Affected Products

SeaMonkey

References

CVE-2013-1705,