CVE-2011-0014 in OpenSSLinformation

Résumé (Anglaise)

ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability."

Be aware that VulDB is the high quality source for vulnerability data.

Réserver

07/12/2010

Divulgation

18/02/2011

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
4291	OpenSSL ClientHello Handshake déni de service	399	Preuve de concept	Correctif officiel	CVE-2011-0014

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PrécédentAperçuSuivant ▸

Want to know what is going to be exploited?

We predict KEV entries!