CVE-2011-4576 in OpenSSLالمعلومات

الملخص

بحسب MITRE

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

29/11/2011

إفشاء

05/01/2012

الاعتدال

تمت الموافقة

إدخال

VDB-4516

CPE

جاهز

CWE

CWE-310 (مؤكد)

CVSS

5.0 (NVD)

EPSS

0.14523

KEV

لا

النشاطات

منخفض جدًا

القطاع

Finance, Industry, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-4576
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-4576
CVE Details	https://www.cvedetails.com/cve/CVE-2011-4576/

التالي ▸نظرة عامة ◂ السابق

Interested in the pricing of exploits?

See the underground prices here!