Strike ID:
E19-0ztv3
CVSS:
6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
32
Year:
2019

Description

This strike exploits a buffer overflow vulnerability found in MatrixSSL. The vulnerability is due to improper validation of user-supplied key size within pubRsaDecryptSignedElementExt. An attacker could exploit this vulnerability by crafting special X.509 certificate. A successful exploit could lead to arbitrary code execution or crash of the vulnerable application.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}