漏洞类别:General remote services
漏洞等级: 
漏洞信息
MatrixSSL is an Open-Source TLS/SSL implementation.
The software is exposed to following security vulnerabilities: - Heap-based Buffer Overflow - CVE-2016-6890. - Improper Restriction of Operations within the Bounds of a Memory Buffer - CVE-2016-6891. - Free of Memory not on the Heap - CVE-2016-6892.
Affected Versions:
MatrixSSL prior to 3.8.6
漏洞危害
An attacker can use the overflow vulnerability to inject a specially crafted code into a working memory which will be executed by a vulnerable application.
解决方案
Upgrade to MatrixSSL 3.8.6
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论