Description

Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.

Remediation

References

CVE-2008-0226

Related Vulnerabilities

WordPress Plugin NextGEN Gallery-WordPress Gallery Multiple HTML Injection Vulnerabilities (1.9.0)

Dotclear Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-5083)

XWikiplatform Use of Password Hash With Insufficient Computational Effort Vulnerability (CVE-2024-31464)

Oracle Application Server CVE-2008-0343 Vulnerability (CVE-2008-0343)

phpList Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-2740)

Severity

High

Classification

CVE-2008-0226 CWE-119

Tags

Missing Update Known Vulnerabilities