WEB APPLICATION VULNERABILITIES Standard & Premium

OpenSSL Cryptographic Issues Vulnerability (CVE-2013-6449)

Description

The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client.

Remediation

References

Related Vulnerabilities

Oracle Application Server CVE-2009-0983 Vulnerability (CVE-2009-0983)

MySQL CVE-2012-3180 Vulnerability (CVE-2012-3180)

MySQL Other Vulnerability (CVE-2002-1923)

PHP Other Vulnerability (CVE-2003-0166)

WordPress Plugin Coming Soon, Under Construction & Maintenance Mode By Dazzler Unspecified Vulnerability (1.6.8)

Severity

Medium

Classification

Tags

Missing Update Known Vulnerabilities