Description

Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.

Remediation

References

CVE-2008-0226

Related Vulnerabilities

WordPress Other Vulnerability (CVE-2005-1687)

WordPress Plugin Indexisto WordPress Site Search Cross-Site Scripting (1.0.5)

WordPress Plugin WP Booking Cross-Site Scripting (1.4)

WordPress Plugin WP Marketplace-Complete Shopping Cart/eCommerce Solution Arbitrary File Download (2.4.0)

Drupal Deserialization of Untrusted Data Vulnerability (CVE-2019-6338)

Severity

High

Classification

CVE-2008-0226 CWE-119

Tags

Missing Update Known Vulnerabilities