Code injection

2017-01-1316:59:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.3%

JSON

The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid memory read and crash) via a (1) zero value or (2) the key’s modulus for the secret key during RSA key exchange.

CPENameOperatorVersion
matrixsslle3.8.3

CPE	Name	Operator	Version
	matrixssl	le	3.8.3

References

www.matrixssl.org/blog/releases/matrixssl_3_8_4

www.securityfocus.com/bid/92604

blog.fuzzing-project.org/51-Fun-with-Bignums-Crashing-MatrixSSL-and-more.html