Vulnerabilities > Matrixssl > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-01-13 CVE-2016-6886 Key Management Errors vulnerability in Matrixssl 3.8.2/3.8.3
The pstm_reverse function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid memory read and crash) via a (1) zero value or (2) the key's modulus for the secret key during RSA key exchange.
network
low complexity
matrixssl CWE-320
5.0
5.0
2017-01-13 CVE-2016-6885 Use After Free vulnerability in Matrixssl 3.8.2/3.8.3
The pstm_exptmod function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid free and crash) via a base zero value for the modular exponentiation.
network
low complexity
matrixssl CWE-416
5.0
5.0
2017-01-05 CVE-2016-6892 Use After Free vulnerability in Matrixssl
The x509FreeExtensions function in MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (free of unallocated memory) via a crafted X.509 certificate.
network
low complexity
matrixssl CWE-416
5.0
5.0
2017-01-05 CVE-2016-6891 Out-of-bounds Read vulnerability in Matrixssl
MatrixSSL before 3.8.6 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate.
network
low complexity
matrixssl CWE-125
5.0
5.0