CVE-2017-2781 — CRITICAL (9.8)

Vulnerability Description

An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflow on the heap resulting in remote code execution. To trigger this vulnerability, a specially crafted x509 certificate must be presented to the vulnerable client or server application when initiating secure connection.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Matrixssl	Matrixssl	3.8.7b

Related Weaknesses (CWE)

CWE-787

References

http://www.securityfocus.com/bid/99249Third Party AdvisoryVDB Entry
https://talosintelligence.com/vulnerability_reports/TALOS-2017-0277ExploitThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/99249Third Party AdvisoryVDB Entry
https://talosintelligence.com/vulnerability_reports/TALOS-2017-0277ExploitThird Party AdvisoryVDB Entry

FAQ

What is CVE-2017-2781?

CVE-2017-2781 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a buffer overflo...

How severe is CVE-2017-2781?

CVE-2017-2781 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2017-2781?

Check the references section above for vendor advisories and patch information. Affected products include: Matrixssl Matrixssl.