CVE-2019-14431

In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c. During processing of a crafted packet, the server mishandles the fragment length value provided in the DTLS message.
References
Link Resource
https://github.com/matrixssl/matrixssl/issues/30 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:matrixssl:matrixssl:*:*:*:*:*:*:*:*

Information

Published : 2019-07-29 10:15

Updated : 2020-08-24 05:37


NVD link : CVE-2019-14431

Mitre link : CVE-2019-14431

Products Affected
No products.