Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
No history.
Information
Published : 2008-01-10 23:46
Updated : 2024-02-04 17:13
NVD link : CVE-2008-0226
Mitre link : CVE-2008-0226
CVE.ORG link : CVE-2008-0226
JSON object : View
Products Affected
yassl
- yassl
apple
- mac_os_x
oracle
- mysql
canonical
- ubuntu_linux
mysql
- mysql
debian
- debian_linux
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer