Vulnerabilities > CVE-2019-8981 - Out-of-bounds Write vulnerability in Axtls Project Axtls

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

axtls-project

CWE-787

critical

NVD

Published: 2019-03-26

Updated: 2021-07-21

Summary

tls1.c in Cameron Hamilton-Rich axTLS before 2.1.5 has a Buffer Overflow via a crafted sequence of TLS packets because the need_bytes value is mismanaged.

Vulnerable Configurations

Part	Description	Count
Application	Axtls_Project Axtls Project Axtls 1.4.2 Axtls Project Axtls 1.4.3 Axtls Project Axtls 1.4.4 Axtls Project Axtls 1.4.5 Axtls Project Axtls 1.4.6 Axtls Project Axtls 1.4.8 Axtls Project Axtls 1.4.9 Axtls Project Axtls 1.5.0 Axtls Project Axtls 1.5.1 Axtls Project Axtls 1.5.2 Axtls Project Axtls 1.5.3 Axtls Project Axtls 1.5.4 Axtls Project Axtls 2.0.0 Axtls Project Axtls 2.0.1 Axtls Project Axtls 2.1.0 Axtls Project Axtls 2.1.1 Axtls Project Axtls 2.1.2 Axtls Project Axtls 2.1.3 Axtls Project Axtls 2.1.4 Axtls Project Axtls 2.1.5	20

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References