Objective Systems Asn1c 7.0.1 Denial Of Service Execute Code Overflow Vulnerability
13 Sep. 2016
Integer overflow in the rtxMemHeapAlloc function in asn1rt_a.lib in Objective Systems ASN1C for C/C++ before 7.0.2 allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow), on a system running an application compiled by ASN1C, via crafted ASN.1 data.
* Objective Systems Asn1c 7.0.1
ASN1C is used to generate high-level-language code from ASN.1 syntax. According to the reporter, the generated C and C++ code from ASN1C may be vulnerable to heap overflow in the generated heap manager's rtxMemHeapAlloc function. It is currently unclear if a similar vulnerability exists in other output languages such as Java. and C#.
A remote unauthenticated attacker may be able to exploit the heap overflow to execute arbitrary code on the underlying system, but the availability of this exploit depends on whether the application utilizes the rtxMemHeapAlloc function in an unsafe way. In particular, the application would likely need to process ASN.1 data from untrusted sources to be vulnerable. Developers making use of ASN1C in their products should audit their code to determine if their application is vulnerable. The CVSS score below reflects a worst-case scenario, and may not apply to all instances.
The researcher has more information available in a security advisory.