OpenSSL - 'ssl3_get_key_exchange()' Use-After-Free Memory Corruption

                							

                source: http://www.securityfocus.com/bid/42306/info

OpenSSL is prone to a remote memory-corruption vulnerability.

Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the application using the vulnerable library. Failed exploit attempts will result in a denial-of-service condition.

The issue affects OpenSSL 1.0.0a; other versions may also be affected. 

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/34427.zip