Description
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
Remediation
References
Related Vulnerabilities
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2020-7961)
WordPress Plugin WP User Frontend Arbitrary File Upload (2.3.10)
WordPress Plugin Ninja Forms with File Uploads Extension Multiple Vulnerabilities (3.0.22)
MySQL CVE-2013-1511 Vulnerability (CVE-2013-1511)
Oracle Application Server CVE-2008-7237 Vulnerability (CVE-2008-7237)