CVE-2011-0651 Information

Description

Buffer overflow in the key exchange functionality in Icon Labs Iconfidant SSL Server before 1.3.0 allows remote attackers to execute arbitrary code via a client master key packet in which the sum of unspecified length fields is greater than a certain value.

Reference

http://osvdb.org/70599 http://secunia.com/advisories/42971 http://www.securityfocus.com/bid/45938 http://www.zerodayinitiative.com/advisories/ZDI-11-021/ https://exchange.xforce.ibmcloud.com/vulnerabilities/64868