WEB APPLICATION VULNERABILITIES Standard & Premium

OpenSSL Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2015-0206)

Description

Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading to failure of replay detection.

Remediation

References

Related Vulnerabilities

WordPress Plugin Related Posts Lite Security Bypass (1.1)

WordPress Plugin Google XML Sitemap for Images Cross-Site Request Forgery (2.1.3)

PHP Improper Input Validation Vulnerability (CVE-2010-3870)

WordPress Plugin DM Albums File Dislosure (1.9.2)

Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5504)

Severity

Medium

Classification

CVE-2015-0206 CWE-119

Tags

Missing Update Known Vulnerabilities