CVE-2013-5914
medium
CVSS v3
—
CVSS v2
6.8
VIR risk
6.8
Description
Buffer overflow in the ssl_read_record function in ssl_tls.c in PolarSSL before 1.1.8, when using TLS 1.1, might allow remote attackers to execute arbitrary code via a long packet.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2013-04
References
CWEs
CWE-119
Verify integrity in audit chain (admin only). AS-IS.