Description
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
Remediation
References
Related Vulnerabilities
MediaWiki Improper Access Control Vulnerability (CVE-2012-4379)
WordPress Plugin Zotpress 'citation' Parameter Cross-Site Scripting (2.6.1)
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-10097)
Play Framework Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-3630)