Medium severity5.3NVD Advisory· Published Aug 28, 2017· Updated May 13, 2026
CVE-2017-3735
CVE-2017-3735
Description
While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.
Affected products
103cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*+ 100 more
- cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8z:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8za:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8zb:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8zc:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8ze:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:0.9.8zg:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0l:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0m:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0n:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0o:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0p:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0q:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0r:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.0s:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2i:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2j:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2k:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2l:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.1.0a:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.1.0b:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.1.0c:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.1.0d:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.1.0e:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.1.0f:*:*:*:*:*:*:*
- (no CPE)range: 1.1.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
27- www.openssl.org/news/secadv/20170828.txtnvdPatchVendor Advisory
- www.securityfocus.com/bid/100515nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1039726nvdThird Party AdvisoryVDB Entry
- security.netapp.com/advisory/ntap-20170927-0001/nvdIssue TrackingThird Party Advisory
- security.netapp.com/advisory/ntap-20171107-0002/nvdIssue TrackingThird Party Advisory
- www.debian.org/security/2017/dsa-4017nvdThird Party Advisory
- www.debian.org/security/2017/dsa-4018nvdThird Party Advisory
- www.openssl.org/news/secadv/20171102.txtnvdIssue TrackingVendor Advisory
- www.tenable.com/security/tns-2017-14nvdIssue TrackingThird Party Advisory
- www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.htmlnvd
- www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlnvd
- www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.htmlnvd
- www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.htmlnvd
- access.redhat.com/errata/RHSA-2018:3221nvd
- access.redhat.com/errata/RHSA-2018:3505nvd
- cert-portal.siemens.com/productcert/pdf/ssa-412672.pdfnvd
- github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822nvd
- lists.debian.org/debian-lts-announce/2017/11/msg00011.htmlnvd
- security.freebsd.org/advisories/FreeBSD-SA-17:11.openssl.ascnvd
- security.gentoo.org/glsa/201712-03nvd
- support.apple.com/HT208331nvd
- usn.ubuntu.com/3611-2/nvd
- www.oracle.com//security-alerts/cpujul2021.htmlnvd
- www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlnvd
- www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.htmlnvd
- www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.htmlnvd
- www.tenable.com/security/tns-2017-15nvd
News mentions
0No linked articles in our index yet.