CVE-2014-3470 : Detail

CVE-2014-3470

Memory Corruption
97.05%V3
Network
2014-06-05 19:00 +00:00
2020-02-10 13:06 +00:00

Alert for a CVE

Stay informed of any changes for a specific CVE.
Alert management

Descriptions

The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.

Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.

Metrics

Metric Score Severity CVSS Vector Source
V2 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Products Mentioned

Configuraton 0

Openssl>>Openssl >> Version To (excluding) 0.9.8za

Openssl>>Openssl >> Version From (including) 1.0.0 To (excluding) 1.0.0m

Openssl>>Openssl >> Version From (including) 1.0.1 To (excluding) 1.0.1h

Configuraton 0

Redhat>>Storage >> Version 2.1

Fedoraproject>>Fedora >> Version *

Redhat>>Enterprise_linux >> Version 5

Redhat>>Enterprise_linux >> Version 6.0

Configuraton 0

Mariadb>>Mariadb >> Version From (including) 10.0.0 To (excluding) 10.0.13

Configuraton 0

Fedoraproject>>Fedora >> Version 19

Fedoraproject>>Fedora >> Version 20

Configuraton 0

Opensuse>>Leap >> Version 42.1

Opensuse>>Opensuse >> Version 13.2

Suse>>Linux_enterprise_desktop >> Version 12

Suse>>Linux_enterprise_server >> Version 12

Suse>>Linux_enterprise_software_development_kit >> Version 12

Suse>>Linux_enterprise_workstation_extension >> Version 12

References

http://secunia.com/advisories/59342
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59669
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59525
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59282
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59990
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59264
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59126
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59306
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59445
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=140266410314613&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/59340
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/61254
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59223
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59895
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59449
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59442
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=140317760000786&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/59441
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=140621259019789&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/59189
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2014:106
Tags : vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/58742
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59300
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/58667
Tags : third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-201407-05.xml
Tags : vendor-advisory, x_refsource_GENTOO
http://secunia.com/advisories/59191
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59284
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59365
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59483
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59495
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/58945
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59659
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59440
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59655
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/58716
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59437
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59310
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.splunk.com/view/SP-CAAAM2D
Tags : x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=140389274407904&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/59167
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59120
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=140499827729550&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.mandriva.com/security/advisories?name=MDVSA-2014:105
Tags : vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/59460
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/58939
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=140266410314613&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/59514
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59438
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/58714
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=140482916501310&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/58615
Tags : third-party-advisory, x_refsource_SECUNIA
http://seclists.org/fulldisclosure/2014/Dec/23
Tags : mailing-list, x_refsource_FULLDISC
http://support.apple.com/kb/HT6443
Tags : x_refsource_CONFIRM
http://secunia.com/advisories/59301
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59784
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=140904544427729&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.securityfocus.com/bid/67898
Tags : vdb-entry, x_refsource_BID
http://secunia.com/advisories/59192
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=140752315422991&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/58579
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=140389355508263&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/59175
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=140448122410568&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/59666
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=140431828824371&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/59413
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59721
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/58713
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59362
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2015:062
Tags : vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/59450
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59287
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59491
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59364
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59451
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/58977
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/60571
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59459
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.blackberry.com/btsc/KB36051
Tags : x_refsource_CONFIRM
http://secunia.com/advisories/59431
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/58337
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59518
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59162
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59490
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/59916
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=140491231331543&w=2
Tags : vendor-advisory, x_refsource_HP
http://secunia.com/advisories/58797
Tags : third-party-advisory, x_refsource_SECUNIA
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.