Description
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2014-2420 Vulnerability (CVE-2014-2420)
WordPress Plugin Dynamic Content for Elementor Remote Code Execution (1.9.5.6)
WordPress Plugin Lightbox Multiple Vulnerabilities (1.6.6)
Drupal Core 9.3.x Cross-Site Scripting (9.3.0 - 9.3.2)
Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2021-21019)