ByteOS Network

NVD Vulnerability Details :

CVE-2017-3735

Deferred

Source-openssl-security@openssl.org

Published At-28 Aug, 2017 | 19:29

Updated At-20 Apr, 2025 | 01:37

While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.0	5.3	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Primary	2.0	5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:N

Hyperlink	Source	Resource
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html	openssl-security@openssl.org	N/A
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html	openssl-security@openssl.org	N/A
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html	openssl-security@openssl.org	N/A
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html	openssl-security@openssl.org	N/A
http://www.securityfocus.com/bid/100515	openssl-security@openssl.org	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039726	openssl-security@openssl.org	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2018:3221	openssl-security@openssl.org	N/A
https://access.redhat.com/errata/RHSA-2018:3505	openssl-security@openssl.org	N/A
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf	openssl-security@openssl.org	N/A
https://github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822	openssl-security@openssl.org	N/A
https://lists.debian.org/debian-lts-announce/2017/11/msg00011.html	openssl-security@openssl.org	N/A
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:11.openssl.asc	openssl-security@openssl.org	N/A
https://security.gentoo.org/glsa/201712-03	openssl-security@openssl.org	N/A
https://security.netapp.com/advisory/ntap-20170927-0001/	openssl-security@openssl.org	Issue Tracking Third Party Advisory
https://security.netapp.com/advisory/ntap-20171107-0002/	openssl-security@openssl.org	Issue Tracking Third Party Advisory
https://support.apple.com/HT208331	openssl-security@openssl.org	N/A
https://usn.ubuntu.com/3611-2/	openssl-security@openssl.org	N/A
https://www.debian.org/security/2017/dsa-4017	openssl-security@openssl.org	Third Party Advisory
https://www.debian.org/security/2017/dsa-4018	openssl-security@openssl.org	Third Party Advisory
https://www.openssl.org/news/secadv/20170828.txt	openssl-security@openssl.org	Patch Vendor Advisory
https://www.openssl.org/news/secadv/20171102.txt	openssl-security@openssl.org	Issue Tracking Vendor Advisory
https://www.oracle.com//security-alerts/cpujul2021.html	openssl-security@openssl.org	N/A
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html	openssl-security@openssl.org	N/A
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html	openssl-security@openssl.org	N/A
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html	openssl-security@openssl.org	N/A
https://www.tenable.com/security/tns-2017-14	openssl-security@openssl.org	Issue Tracking Third Party Advisory
https://www.tenable.com/security/tns-2017-15	openssl-security@openssl.org	N/A
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securityfocus.com/bid/100515	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039726	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2018:3221	af854a3a-2127-422b-91ae-364da2661108	N/A
https://access.redhat.com/errata/RHSA-2018:3505	af854a3a-2127-422b-91ae-364da2661108	N/A
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf	af854a3a-2127-422b-91ae-364da2661108	N/A
https://github.com/openssl/openssl/commit/068b963bb7afc57f5bdd723de0dd15e7795d5822	af854a3a-2127-422b-91ae-364da2661108	N/A
https://lists.debian.org/debian-lts-announce/2017/11/msg00011.html	af854a3a-2127-422b-91ae-364da2661108	N/A
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:11.openssl.asc	af854a3a-2127-422b-91ae-364da2661108	N/A
https://security.gentoo.org/glsa/201712-03	af854a3a-2127-422b-91ae-364da2661108	N/A
https://security.netapp.com/advisory/ntap-20170927-0001/	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking Third Party Advisory
https://security.netapp.com/advisory/ntap-20171107-0002/	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking Third Party Advisory
https://support.apple.com/HT208331	af854a3a-2127-422b-91ae-364da2661108	N/A
https://usn.ubuntu.com/3611-2/	af854a3a-2127-422b-91ae-364da2661108	N/A
https://www.debian.org/security/2017/dsa-4017	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://www.debian.org/security/2017/dsa-4018	af854a3a-2127-422b-91ae-364da2661108	Third Party Advisory
https://www.openssl.org/news/secadv/20170828.txt	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
https://www.openssl.org/news/secadv/20171102.txt	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking Vendor Advisory
https://www.oracle.com//security-alerts/cpujul2021.html	af854a3a-2127-422b-91ae-364da2661108	N/A
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html	af854a3a-2127-422b-91ae-364da2661108	N/A
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html	af854a3a-2127-422b-91ae-364da2661108	N/A
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html	af854a3a-2127-422b-91ae-364da2661108	N/A
https://www.tenable.com/security/tns-2017-14	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking Third Party Advisory
https://www.tenable.com/security/tns-2017-15	af854a3a-2127-422b-91ae-364da2661108	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History