CVE-2007-4995

Опубликовано: 13 окт. 2007

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors.

Ссылки

http://bugs.gentoo.org/show_bug.cgi?id=195634
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01299773
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html
http://secunia.com/advisories/25878
Vendor Advisory
http://secunia.com/advisories/27205
Vendor Advisory
http://secunia.com/advisories/27217
Vendor Advisory
http://secunia.com/advisories/27271
Vendor Advisory
http://secunia.com/advisories/27363
Vendor Advisory
http://secunia.com/advisories/27434
Vendor Advisory
http://secunia.com/advisories/27933
Vendor Advisory
http://secunia.com/advisories/28084
Vendor Advisory
http://secunia.com/advisories/30161
Vendor Advisory
http://secunia.com/advisories/30220
Vendor Advisory
http://secunia.com/advisories/30852
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200710-30.xml
http://securitytracker.com/id?1018810
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=738962
http://www.debian.org/security/2008/dsa-1571
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:237

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.10352

Средний

9.3 Critical

CVSS2

Дефекты

CWE-189

Связанные уязвимости

CVE-2007-4995

ubuntu

больше 18 лет назад

Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors.

CVE-2007-4995

redhat

больше 18 лет назад

Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors.

CVE-2007-4995

debian

больше 18 лет назад

Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0. ...

GHSA-wf86-8369-qhfj

github

почти 4 года назад

Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors.

BDU:2015-09605

fstec

больше 18 лет назад

Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 93%

0.10352

Средний

9.3 Critical

CVSS2

Дефекты

CWE-189