CVE-2013-0166 in OpenSSL信息

摘要 (英语)

OpenSSL before 0.9.8y, 1.0.0 before 1.0.0k, and 1.0.1 before 1.0.1d does not properly perform signature verification for OCSP responses, which allows remote OCSP servers to cause a denial of service (NULL pointer dereference and application crash) via an invalid key.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

预定

2012-12-06

披露

2013-02-08

状态

已确认

条目

VulDB provides additional information and datapoints for this CVE:

标识符	漏洞	CWE	可利用	对策	CVE
7597	OpenSSL OSCP 弱加密	310	未经证实	官方修复	CVE-2013-0166

描述

CPE

CWE

CVSS

漏洞利用

历史

差异

连接

威胁情报

API JSON

API XML

API CSV

来源

MITRE
NVD
CVE Details

◂ 上一步一览下一步 ▸

Might our Artificial Intelligence support you?

Check our Alexa App!