ssl/t1_lib.c in OpenSSL 0.9.8h up to and including 0.9.8q and 1.0.0 up to and including 1.0.0c allows remote malicious users to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openssl openssl 0.9.8h |
||
openssl openssl 0.9.8p |
||
openssl openssl 0.9.8q |
||
openssl openssl 0.9.8k |
||
openssl openssl 0.9.8l |
||
openssl openssl 0.9.8m |
||
openssl openssl 0.9.8i |
||
openssl openssl 0.9.8j |
||
openssl openssl 0.9.8n |
||
openssl openssl 0.9.8o |
||
openssl openssl 1.0.0b |
||
openssl openssl 1.0.0a |
||
openssl openssl 1.0.0 |
||
openssl openssl 1.0.0c |