icon

We found results for “

CVE-2015-0290

Good to know:

icon

Date: March 19, 2015

The multi-block feature in the ssl3_write_bytes function in s3_pkt.c in OpenSSL 1.0.2 before 1.0.2a on 64-bit x86 platforms with AES NI support does not properly handle certain non-blocking I/O cases, which allows remote attackers to cause a denial of service (pointer corruption and application crash) via unspecified vectors.

Language: C

Severity Score

Severity Score

Weakness Type (CWE)

Code

CWE-17

Top Fix

icon

Upgrade Version

Upgrade to version 1.0.2a

Learn More

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us