New Search

OpenSSL Security Bypass Vulnerability - CVE-2017-3735

oval:org.cisecurity:def:3377

While parsing an IPAddressFamily extension in an X.509 certificate it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL since then.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 10
  • Microsoft Windows Server 2003
  • Microsoft Windows 8
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows 8.1
  • Microsoft Windows Vista
  • Microsoft Windows 7
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2008
Class:
vulnerability
Reference(s):
  • CVE-2017-3735
Product(s):
  • OpenSSL