CVE-2010-3864

by Fred · 17/11/2010

Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.

Date published : 2010-11-17

http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html

http://www.securityfocus.com/archive/1/516397/100/0/threaded

CVE-2010-3864

Similar

Recent Posts

Categories

CVE-2010-3864

Share this:

Similar

Recent Posts

Categories

Tags