CVE-2014-0221 in Apple Mac OS Xinfo

Summary

The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake.

Reservation

12/03/2013

Disclosure

06/05/2014

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
67657	Apple Mac OS X OpenSSL d1_both.c dtls1_get_message_fragment resource management	399	Not defined	Official fix	CVE-2014-0221
13453	OpenSSL DTLS Handshake resource management	399	Not defined	Official fix	CVE-2014-0221

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!