Description

ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability."

Remediation

References

CVE-2011-0014

Related Vulnerabilities

Nexus Repository Manager Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-27907)

Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-0771)

WordPress Plugin Data Tables Generator by Supsystic Multiple Vulnerabilities (1.9.91)

WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk SQL Injection (5.153.3)

WordPress Plugin Glass Cross-Site Request Forgery (1.3.2)

Severity

Medium

Classification

CVE-2011-0014

Tags

Missing Update Known Vulnerabilities