Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
No history.
Information
Published : 2008-01-10 23:46
Updated : 2024-02-28 11:01
NVD link : CVE-2008-0226
Mitre link : CVE-2008-0226
CVE.ORG link : CVE-2008-0226
JSON object : View
Products Affected
debian
- debian_linux
mysql
- mysql
apple
- mac_os_x
canonical
- ubuntu_linux
oracle
- mysql
yassl
- yassl
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer