VIR Vulnerability Intelligence Relay

CVE-2015-0537

critical
Published 2015-08-20 · Modified 2026-05-06
CVSS v3
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v2
7.5
VIR risk
9.8

Description

Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-C Micro Edition (Crypto-C ME) before 4.0.4 and 4.1, and RSA BSAFE SSL-C 2.8.9 and earlier allows remote attackers to cause a denial of service (memory corruption or segmentation fault) or possibly have unspecified other impact via crafted base64 data, a similar issue to CVE-2015-0292.

Predictions

Exploit likelihood
97%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

Application impact
VendorProductVersionsFixed
dell dellbsafe{"startIncluding":"4.0.0","endExcluding":"4.0.8"}4.0.8
dell dellbsafe_crypto-c{"endExcluding":"4.0.4"}4.0.4
dell dellbsafe_ssl-c{"endIncluding":"2.8.9"}

References

CWEs

CWE-191

Verify integrity in audit chain (admin only). AS-IS.