WEB APPLICATION VULNERABILITIES Standard & Premium

OpenSSL Resource Management Errors Vulnerability (CVE-2014-3507)

Description

Memory leak in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via zero-length DTLS fragments that trigger improper handling of the return value of a certain insert function.

Remediation

References

Related Vulnerabilities

WordPress Plugin WP Visitor Statistics (Real Time Traffic) SQL Injection (5.7)

WordPress Plugin Age Gate Unspecified Vulnerability (2.18.5)

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-39200)

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-2060)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-3629)

Severity

Medium

Classification

Tags

Missing Update Known Vulnerabilities