pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflow during X.509 certificate verification because of missing validation in psRsaDecryptPubExt in crypto/pubkey/rsa_pub.c.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HMatrixssl
APPMatrixssl≤ 4.0.2
Related vulnerabilities
In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a ...
MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling.
An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of Insi...
An exploitable heap buffer overflow vulnerability exists in the X509 certificate parsing functionality of Insi...
Heap-based buffer overflow in MatrixSSL before 3.8.6 allows remote attackers to execute arbitrary code via a c...