Matrixssl

CVEs (10)

CVE	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2016-6890	Cri	0.65	9.8	0.14	Jan 5, 2017	Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate.
CVE-2017-2781	Cri	0.64	9.8	0.03	Jun 22, 2017	An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a specially crafted x509 certificate must be presented to the vulnerable client or server application when initiating secure connection.
CVE-2017-2780	Cri	0.64	9.8	0.04	Jun 22, 2017	An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a specially crafted x509 certificate must be presented to the vulnerable client or server application when initiating secure connection.
CVE-2016-6892	Hig	0.49	7.5	0.03	Jan 5, 2017	The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (free of unallocated memory) via a crafted X.509 certificate.
CVE-2016-6891	Hig	0.49	7.5	0.03	Jan 5, 2017	MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate.
CVE-2016-6883	Med	0.47	5.9	0.70	Mar 3, 2017	MatrixSSL before 3.8.3 configured with RSA Cipher Suites allows remote attackers to obtain sensitive information via a Bleichenbacher variant attack.
CVE-2017-2782	Med	0.42	6.5	0.00	Jun 22, 2017	An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerability, a specially crafted x509 certificate must be presented to the vulnerable client or server application when initiating secure connection
CVE-2016-6884	Med	0.42	6.5	0.00	Mar 3, 2017	TLS cipher suites with CBC mode in TLS 1.1 and 1.2 in MatrixSSL before 3.8.3 allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted message.
CVE-2016-6882	Med	0.38	5.9	0.00	Mar 3, 2017	MatrixSSL before 3.8.7, when the DHE_RSA based cipher suite is supported, makes it easier for remote attackers to obtain RSA private key information by conducting a Lenstra side-channel attack.
CVE-2016-6887	Med	0.38	5.9	0.00	Jan 13, 2017	The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remote attackers to predict the secret key via a CRT attack.

CVE-2016-6890CriJan 5, 2017
risk 0.65cvss 9.8epss 0.14
Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate.
CVE-2017-2781CriJun 22, 2017
risk 0.64cvss 9.8epss 0.03
An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a specially crafted x509 certificate must be presented to the vulnerable client or server application when initiating secure connection.
CVE-2017-2780CriJun 22, 2017
risk 0.64cvss 9.8epss 0.04
An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a specially crafted x509 certificate must be presented to the vulnerable client or server application when initiating secure connection.
CVE-2016-6892HigJan 5, 2017
risk 0.49cvss 7.5epss 0.03
The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (free of unallocated memory) via a crafted X.509 certificate.
CVE-2016-6891HigJan 5, 2017
risk 0.49cvss 7.5epss 0.03
MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate.
CVE-2016-6883MedMar 3, 2017
risk 0.47cvss 5.9epss 0.70
MatrixSSL before 3.8.3 configured with RSA Cipher Suites allows remote attackers to obtain sensitive information via a Bleichenbacher variant attack.
CVE-2017-2782MedJun 22, 2017
risk 0.42cvss 6.5epss 0.00
An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerability, a specially crafted x509 certificate must be presented to the vulnerable client or server application when initiating secure connection
CVE-2016-6884MedMar 3, 2017
risk 0.42cvss 6.5epss 0.00
TLS cipher suites with CBC mode in TLS 1.1 and 1.2 in MatrixSSL before 3.8.3 allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted message.
CVE-2016-6882MedMar 3, 2017
risk 0.38cvss 5.9epss 0.00
MatrixSSL before 3.8.7, when the DHE_RSA based cipher suite is supported, makes it easier for remote attackers to obtain RSA private key information by conducting a Lenstra side-channel attack.
CVE-2016-6887MedJan 13, 2017
risk 0.38cvss 5.9epss 0.00
The pstm_exptmod function in MatrixSSL 3.8.6 and earlier does not properly perform modular exponentiation, which might allow remote attackers to predict the secret key via a CRT attack.