CVE-2017-3735 in Apple macOSinfo

Summary

While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.

Reservation

12/16/2016

Disclosure

08/28/2017

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
110413	Apple macOS OpenSSL memory corruption	119	Not defined	Official fix	CVE-2017-3735
105828	OpenSSL X.509 Certificate memory corruption	119	Not defined	Official fix	CVE-2017-3735

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!