CVE-2017-1000416

axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year (19)50 of UTCTime being misinterpreted as 2050.
References
Link Resource
https://www.ieee-security.org/TC/SP2017/papers/231.pdf Technical Description Third Party Advisory
https://www.youtube.com/watch?v=FW--c_F_cY8 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:axtls_project:axtls:1.5.3:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-01-22 23:29

Updated : 2024-02-04 19:46


NVD link : CVE-2017-1000416

Mitre link : CVE-2017-1000416

CVE.ORG link : CVE-2017-1000416


JSON object : View

Products Affected

axtls_project

  • axtls
CWE
CWE-193

Off-by-one Error