CVE-2013-4623: CVE-2013-4623

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2013-4623

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The x509parse_crt function in x509.h in PolarSSL 1.1.x before 1.1.7 and 1.2.x before 1.2.8 does not properly parse certificate messages during the SSL/TLS handshake, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certificate message that contains a PEM encoded certificate.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Offspark PolarSSL Certificate Message 远程拒绝服务漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Offspark PolarSSL是荷兰Offspark公司的一个SSL加密库。该库具有便于移植和集成的特点。 PolarSSL 1.1.7之前的1.1.x版本以及1.2.8之前的1.2.x版本中的x509.h文件中的‘x509parse_crt’函数中存在拒绝服务漏洞，该漏洞源于程序在SSL/TLS握手期间没有正确地解析证书报文。远程攻击者可借助含有PEM编码证书的证书报文利用该漏洞导致拒绝服务（无限循环以及CPU消耗）。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2013-4623

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2013-4623

Please Login to view more intelligence information

🔗 https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2013-03x_refsource_CONFIRM
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=997767x_refsource_CONFIRM
🔗 https://github.com/polarssl/polarssl/commit/1922a4e6aade7b1d685af19d4d9339ddb5c02859x_refsource_CONFIRM
🔗 http://www.securityfocus.com/bid/61764vdb-entryx_refsource_BID
🔗 http://www.debian.org/security/2013/dsa-2782vendor-advisoryx_refsource_DEBIAN
🔗 http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115927.htmlvendor-advisoryx_refsource_FEDORA
🔗 http://lists.fedoraproject.org/pipermail/package-announce/2013-September/116351.htmlvendor-advisoryx_refsource_FEDORA
🔗 http://lists.fedoraproject.org/pipermail/package-announce/2013-September/115922.htmlvendor-advisoryx_refsource_FEDORA
https://nvd.nist.gov/vuln/detail/CVE-2013-4623

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2013-4623

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2013-4623

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2013-4623

III. Intelligence Information for CVE-2013-4623

New Vulnerabilities

V. Comments for CVE-2013-4623

Leave a comment