VYPR
Unrated severityNVD Advisory· Published Oct 26, 2013· Updated Jun 16, 2026

CVE-2013-5914

CVE-2013-5914

Description

Buffer overflow in the ssl_read_record function in ssl_tls.c in PolarSSL before 1.1.8, when using TLS 1.1, might allow remote attackers to execute arbitrary code via a long packet.

Affected products

12
  • Polarssl/Polarssl12 versions
    cpe:2.3:a:polarssl:polarssl:*:*:*:*:*:*:*:*+ 11 more
    • cpe:2.3:a:polarssl:polarssl:*:*:*:*:*:*:*:*range: <=1.1.7
    • cpe:2.3:a:polarssl:polarssl:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:polarssl:polarssl:1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:polarssl:polarssl:1.1.0:rc0:*:*:*:*:*:*
    • cpe:2.3:a:polarssl:polarssl:1.1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:polarssl:polarssl:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:polarssl:polarssl:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:polarssl:polarssl:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:polarssl:polarssl:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:polarssl:polarssl:1.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:polarssl:polarssl:1.1.6:*:*:*:*:*:*:*
    • (no CPE)range: <1.1.8

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.