exploitDog

CVE-2017-1000416

Опубликовано: 22 янв. 2018

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year (19)50 of UTCTime being misinterpreted as 2050.

Ссылки

https://www.ieee-security.org/TC/SP2017/papers/231.pdf
Technical Description
Third Party Advisory
https://www.youtube.com/watch?v=FW--c_F_cY8
Third Party Advisory
https://www.ieee-security.org/TC/SP2017/papers/231.pdf
Technical Description
Third Party Advisory
https://www.youtube.com/watch?v=FW--c_F_cY8
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:axtls_project:axtls:1.5.3:*:*:*:*:*:*:*

EPSS

Процентиль: 52%

0.00294

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-193

Связанные уязвимости

CVE-2017-1000416

CVSS3: 5.3

debian

около 8 лет назад

axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting i ...

GHSA-56mf-wc59-ghx4

CVSS3: 5.3

github

больше 3 лет назад

axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year (19)50 of UTCTime being misinterpreted as 2050.

EPSS

Процентиль: 52%

0.00294

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-193