Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openssl | Openssl | 0.9.1c (including) | 0.9.1c (including) |
Openssl | Openssl | 0.9.2b (including) | 0.9.2b (including) |
Openssl | Openssl | 0.9.3 (including) | 0.9.3 (including) |
Openssl | Openssl | 0.9.4 (including) | 0.9.4 (including) |
Openssl | Openssl | 0.9.5 (including) | 0.9.5 (including) |
Openssl | Openssl | 0.9.5a (including) | 0.9.5a (including) |
Openssl | Openssl | 0.9.6 (including) | 0.9.6 (including) |
Openssl | Openssl | 0.9.6a (including) | 0.9.6a (including) |
Openssl | Openssl | 0.9.6b (including) | 0.9.6b (including) |
Openssl | Openssl | 0.9.6c (including) | 0.9.6c (including) |
Openssl | Openssl | 0.9.6d (including) | 0.9.6d (including) |
Openssl | Openssl | 0.9.7-beta1 (including) | 0.9.7-beta1 (including) |
Openssl | Openssl | 0.9.7-beta2 (including) | 0.9.7-beta2 (including) |
Application_server | Oracle | * | * |
Application_server | Oracle | 1.0.2 (including) | 1.0.2 (including) |
Application_server | Oracle | 1.0.2.1s (including) | 1.0.2.1s (including) |
Application_server | Oracle | 1.0.2.2 (including) | 1.0.2.2 (including) |
Corporate_time_outlook_connector | Oracle | 3.1 (including) | 3.1 (including) |
Corporate_time_outlook_connector | Oracle | 3.1.1 (including) | 3.1.1 (including) |
Corporate_time_outlook_connector | Oracle | 3.1.2 (including) | 3.1.2 (including) |
Corporate_time_outlook_connector | Oracle | 3.3 (including) | 3.3 (including) |
Http_server | Oracle | 9.0.1 (including) | 9.0.1 (including) |
Http_server | Oracle | 9.2.0 (including) | 9.2.0 (including) |
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 | RedHat | * | |
Red Hat Linux 6.2 | RedHat | * | |
Red Hat Linux 7.0 | RedHat | * | |
Red Hat Linux 7.1 | RedHat | * | |
Red Hat Linux 7.2 | RedHat | * | |
Red Hat Linux 7.3 | RedHat | * | |
Red Hat Stronghold 3 | RedHat | * | |
Red Hat Stronghold 4 | RedHat | * |