← voltar
CVE-2014-2898

CVE-2014-2898

EPSS 2.8%
wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact via multiple calls to the CyaSSL_read function which triggers an out-of-bounds read when an error occurs, related to not checking the return code and MAC verification failure.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://seclists.org/oss-sec/2014/q2/126http://seclists.org/oss-sec/2014/q2/130http://www.wolfssl.com/yaSSL/Blog/Entries/2014/4/11_wolfSSL_Security_Advisory__April_9%2C_2014.htmlhttp://www.wolfssl.com/yaSSL/Docs-cyassl-changelog.html