Lucene search
K

4 matches found

seebug.org
seebug.org
added 2017/09/14 12:0 a.m.41 views

InsideSecure MatrixSSL x509 certificate SubjectDomainPolicy Remote Code Execution Vulnerability(CVE-2017-2780)

Summary An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a...

7.5CVSS9.6AI score0.02344EPSS
Exploits2
OpenVAS
OpenVAS
added 2017/06/23 12:0 a.m.35 views

MatrixSSL < 3.9.3 Multiple Vulnerabilities

MatrixSSL is prone multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.6AI score0.02344EPSS
Exploits6References3
CVE
CVE
added 2017/06/22 9:0 p.m.59 views

CVE-2017-2780

CVE-2017-2780 is a heap-based buffer overflow in InsideSecure MatrixSSL 3.8.7b, triggered while parsing the X509 SubjectDomainPolicy extension in DER certificates. The vulnerability arises in parsePolicyMappings, where an OID length-derived allocation can overflow when more OIDs are copied than s...

9.8CVSS9.8AI score0.02344EPSS
Exploits2References2Affected Software1
Talos Blog
Talos Blog
added 2017/06/22 10:37 a.m.50 views

Vulnerability Spotlight: Multiple Vulnerabilities in InsideSecure MatrixSSL

These vulnerabilities were discovered by Aleksandar Nikolic of Cisco TalosOverviewMatrixSSL is a TLS/SSL stack offered in the form of a Software Development Kit SDK that is geared towards application in Internet of Things IOT devices and other embedded systems. It features low resource overhead a...

7.5CVSS0.8AI score0.02344EPSS
Exploits6
Rows per page
Query Builder