Lucene search
K

220 matches found

CNVD
CNVD
added 2017/06/26 12:0 a.m.5 views

Inside Secure MatrixSSL Buffer Overflow Vulnerability (CNVD-2017-15852)

Inside Secure MatrixSSL is an IoT application toolkit from Inside Secure, France, that enables a modular implementation of TLS and DTLS. A heap buffer overflow vulnerability exists in the X509 certificate parsing feature in Inside Secure MatrixSSL version 3.8.7b. A remote attacker can exploit thi...

9.8CVSS7.8AI score0.02344EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2017/06/23 12:0 a.m.37 views

MatrixSSL < 3.9.3 Multiple Vulnerabilities

MatrixSSL is prone multiple vulnerabilities. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.6AI score0.02344EPSS
Exploits6References3
UbuntuCve
UbuntuCve
added 2017/06/22 9:29 p.m.19 views

CVE-2017-2781

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a specially...

9.8CVSS7.6AI score0.02344EPSS
Exploits2References2
UbuntuCve
UbuntuCve
added 2017/06/22 9:29 p.m.17 views

CVE-2017-2782

An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerability, a specially...

9.1CVSS6.9AI score0.01011EPSS
Exploits2References2
UbuntuCve
UbuntuCve
added 2017/06/22 9:29 p.m.15 views

CVE-2017-2780

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a specially...

9.8CVSS7.6AI score0.02344EPSS
Exploits2References2
OSV
OSV
added 2017/06/22 9:29 p.m.4 views

CVE-2017-2780

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a specially...

9.8CVSS6.3AI score0.02344EPSS
Exploits2References2
NVD
NVD
added 2017/06/22 9:29 p.m.29 views

CVE-2017-2782

An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerability, a specially...

9.1CVSS7.8AI score0.01011EPSS
Exploits2References2
Prion
Prion
added 2017/06/22 9:29 p.m.13 views

Integer overflow

An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerability, a specially...

6.4CVSS9.1AI score0.01011EPSS
Exploits2References2Affected Software1
NVD
NVD
added 2017/06/22 9:29 p.m.20 views

CVE-2017-2781

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a specially...

9.8CVSS9.4AI score0.02344EPSS
Exploits2References2
Prion
Prion
added 2017/06/22 9:29 p.m.17 views

Heap overflow

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a specially...

7.5CVSS9.8AI score0.02344EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2017/06/22 9:0 p.m.30 views

CVE-2017-2780

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a specially...

8.1CVSS9.9AI score0.02344EPSS
Exploits2References2
CVE
CVE
added 2017/06/22 9:0 p.m.60 views

CVE-2017-2781

CVE-2017-2781 concerns InsideSecure MatrixSSL 3.8.7b. The vulnerability is a heap-based buffer overflow in the X509 certificate parsing code, specifically in the IssuerPolicy/PolicyMappings handling inside parsePolicyMappings. A specially crafted DER-encoded X.509 certificate (containing OID sequ...

9.8CVSS9.8AI score0.02344EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2017/06/22 9:0 p.m.59 views

CVE-2017-2780

CVE-2017-2780 is a heap-based buffer overflow in InsideSecure MatrixSSL 3.8.7b, triggered while parsing the X509 SubjectDomainPolicy extension in DER certificates. The vulnerability arises in parsePolicyMappings, where an OID length-derived allocation can overflow when more OIDs are copied than s...

9.8CVSS9.8AI score0.02344EPSS
Exploits2References2Affected Software1
CVE
CVE
added 2017/06/22 9:0 p.m.57 views

CVE-2017-2782

InsideSecure MatrixSSL 3.8.7b contains CVE-2017-2782: an integer overflow in the X509 general names parsing path (parseGeneralNames) can trigger a length underflow, allowing an out-of-bounds memcpy/read and potential memory disclosure or crash when processing a crafted certificate during TLS hand...

9.1CVSS9.1AI score0.01011EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2017/06/22 9:0 p.m.37 views

CVE-2017-2781

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a specially...

8.1CVSS9.9AI score0.02344EPSS
Exploits2References2
Cvelist
Cvelist
added 2017/06/22 9:0 p.m.36 views

CVE-2017-2782

An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerability, a specially...

6.5CVSS9.2AI score0.01011EPSS
Exploits2References2
Talos Blog
Talos Blog
added 2017/06/22 10:37 a.m.52 views

Vulnerability Spotlight: Multiple Vulnerabilities in InsideSecure MatrixSSL

These vulnerabilities were discovered by Aleksandar Nikolic of Cisco TalosOverviewMatrixSSL is a TLS/SSL stack offered in the form of a Software Development Kit SDK that is geared towards application in Internet of Things IOT devices and other embedded systems. It features low resource overhead a...

7.5CVSS0.8AI score0.02344EPSS
Exploits6
Talos
Talos
added 2017/06/22 12:0 a.m.46 views

InsideSecure MatrixSSL x509 certificate IssuerDomainPolicy Remote Code Execution Vulnerability

Summary An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a...

9.8CVSS9.1AI score0.02344EPSS
Exploits2
Talos
Talos
added 2017/06/22 12:0 a.m.38 views

InsideSecure MatrixSSL x509 certificate General Names Information Disclosure Vulnerability

Summary An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerability, a...

9.1CVSS8AI score0.01011EPSS
Exploits2
Talos
Talos
added 2017/06/22 12:0 a.m.31 views

InsideSecure MatrixSSL x509 certificate SubjectDomainPolicy Remote Code Execution Vulnerability

Summary An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a...

9.8CVSS9.1AI score0.02344EPSS
Exploits2
Rows per page
Query Builder