Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow.
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
Shibboleth Service Provider Software 2.4.1
Shibboleth Service Provider Software 2.3.1
Shibboleth Service Provider Software 2.4
Shibboleth Service Provider Software 2.3
Shibboleth Service Provider Software 2.2.1
Shibboleth Service Provider Software 2.2
Shibboleth Service Provider Software 2.1
Shibboleth Service Provider Software 2.0
Shibboleth Service Provider Software 1.3f
Shibboleth Service Provider Software 1.3.5
Shibboleth Service Provider Software 1.3.4
Shibboleth Service Provider Software 1.3.3
Shibboleth Service Provider Software 1.3.2
Shibboleth Service Provider Software 1.3.1
Apache Software Foundation XML Security for C++ 1.6.0
Shibboleth Service Provider Software 2.4.2