CVE-2011-0651
Icon Labs Iconfidant SSL Server < 1.2.9 - Buffer Overflow via Client Master Key Packet
Title source: llmDescription
Buffer overflow in the key exchange functionality in Icon Labs Iconfidant SSL Server before 1.3.0 allows remote attackers to execute arbitrary code via a client master key packet in which the sum of unspecified length fields is greater than a certain value.
References (5)
Core 5
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-11-021/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64868
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/70599
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42971
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/45938
Scores
EPSS
0.0489
EPSS Percentile
91.1%
Details
CWE
CWE-119
Status
published
Products (1)
icon-labs/iconfidant_ssl_server
< 1.2.9
Published
Jan 28, 2011
Tracked Since
Feb 18, 2026