Heap overflow

Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate...

CVE-2016-6890

Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate...

CVE-2016-6891

MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service out-of-bounds read via a crafted ASN.1 Bit Field primitive in an X.509 certificate...

CVE-2016-6890

Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate...

CVE-2016-6891

MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service out-of-bounds read via a crafted ASN.1 Bit Field primitive in an X.509 certificate...

Design/Logic Flaw

The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service free of unallocated memory via a crafted X.509 certificate...

CVE-2016-6890

Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate...

CVE-2016-6892

The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service free of unallocated memory via a crafted X.509 certificate...

Out-of-bounds

MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service out-of-bounds read via a crafted ASN.1 Bit Field primitive in an X.509 certificate...

CVE-2016-6891

MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service out-of-bounds read via a crafted ASN.1 Bit Field primitive in an X.509 certificate...

CVE-2016-6892

The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service free of unallocated memory via a crafted X.509 certificate...

CVE-2016-6892

The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service free of unallocated memory via a crafted X.509 certificate...

CVE-2016-6892

The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service free of unallocated memory via a crafted X.509 certificate...

CVE-2016-6891

CVE-2016-6891 affects MatrixSSL before 3.8.6. A crafted ASN.1 Bit Field in an X.509 certificate can trigger an out-of-bounds read, leading to denial of service. The vulnerable line-of-code issue is the parsing of the Bit Field in X.509 certificates. A fix is available: upgrade MatrixSSL to versio...

CVE-2016-6890

Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate...

CVE-2016-6891

MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service out-of-bounds read via a crafted ASN.1 Bit Field primitive in an X.509 certificate...

CVE-2016-6890

CVE-2016-6890 originates from a heap-based buffer overflow in MatrixSSL versions 3.8.5 and earlier, triggered by a crafted Subject Alternative Name in an X.509 certificate. This leads to remote code execution in vulnerable SSL stacks. The connected documents consistently identify the affected com...

CVE-2016-6892

MatrixSSL 3.8.5 and earlier contains a denial-of-service issue (CVE-2016-6892) in the x509FreeExtensions function, where processing a crafted X.509 certificate can cause a free operation on unallocated memory. Affected component: MatrixSSL under versions

MatrixSSL pstm_exptmod Function Miscalculation Vulnerability

INSIDE Secure MatrixSSL is an embedded, open source SSLv3 stack from INSIDE Secure, France, designed for small applications and devices. The pstmexptmod in MatrixSSL inputs incorrect results for certain parameters, causing the associated cryptographic functions to fail to handle the private key...

MatrixSSL Detection (HTTP)

HTTP based detection of MatrixSSL. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it...