Description

Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information.

Remediation

References

CVE-2008-0891

Related Vulnerabilities

WordPress Plugin World of Warcraft-Armory Table Cross-Site Scripting (0.2.5)

Liferay DXP Inefficient Regular Expression Complexity Vulnerability (CVE-2022-42124)

ownCloud Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5606)

IBM WebSEAL CVE-2018-1722 Vulnerability (CVE-2018-1722)

WordPress Plugin WordPress Popular Posts Cross-Site Scripting (5.3.5)

Severity

Medium

Classification

CVE-2008-0891

Tags

Missing Update Known Vulnerabilities