A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. This occurs after the certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failing to construct a path to a trusted issuer. An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack. This buffer overflow could result in a crash (causing a denial of service) or potentially remote code execution.
Moxa has completed its review and determined that none of its products are impacted by this vulnerability.