Buffer Overflow in process_certificate function in axTLS through 2.1.5 via crafted TLS certificate handshake message

CVE-2019-9689 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

process_certificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates.

Learn more about our Web Application Penetration Testing UK.