CVE-2011-0651

Icon Labs Iconfidant SSL Server < 1.2.9 - Buffer Overflow via Client Master Key Packet

Title source: llm
STIX 2.1

Description

Buffer overflow in the key exchange functionality in Icon Labs Iconfidant SSL Server before 1.3.0 allows remote attackers to execute arbitrary code via a client master key packet in which the sum of unspecified length fields is greater than a certain value.

References (5)

Core 5
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-11-021/
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64868
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/70599
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42971
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/45938

Scores

EPSS 0.0489
EPSS Percentile 91.1%

Details

CWE
CWE-119
Status published
Products (1)
icon-labs/iconfidant_ssl_server < 1.2.9
Published Jan 28, 2011
Tracked Since Feb 18, 2026