QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2010-0740

Back to search

CVE-2010-0740

Published: Mar 26, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information.

VendorProductVersions

n/a

n/a

affected
n/a

References

42724
third-party-advisory
x_refsource_SECUNIA
HPSBUX02531
vendor-advisory
x_refsource_HP
APPLE-SA-2011-06-23-1
vendor-advisory
x_refsource_APPLE
ADV-2010-0710
vdb-entry
x_refsource_VUPEN
ADV-2010-0839
vdb-entry
x_refsource_VUPEN
SSRT100108
vendor-advisory
x_refsource_HP
MDVSA-2010:076
vendor-advisory
x_refsource_MANDRIVA
HPSBUX02517
vendor-advisory
x_refsource_HP
1023748
vdb-entry
x_refsource_SECTRACK
39932
third-party-advisory
x_refsource_SECUNIA
ADV-2010-0933
vdb-entry
x_refsource_VUPEN
SSRT100058
vendor-advisory
x_refsource_HP
oval:org.mitre.oval:def:11731
vdb-entry
signature
x_refsource_OVAL
43311
third-party-advisory
x_refsource_SECUNIA
ADV-2010-1216
vdb-entry
x_refsource_VUPEN
42733
third-party-advisory
x_refsource_SECUNIA
FEDORA-2010-5744
vendor-advisory
x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now