CVE-2007-4995

2007-10-1301:17:00

CWE-189

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.171

Percentile

96.2%

JSON

Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors.

Affected configurations

Nvd

Node

opensslopensslMatch0.9.8

opensslopensslMatch0.9.8a

opensslopensslMatch0.9.8b

opensslopensslMatch0.9.8c

opensslopensslMatch0.9.8d

opensslopensslMatch0.9.8e

VendorProductVersionCPE
opensslopenssl0.9.8cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*
opensslopenssl0.9.8acpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*
opensslopenssl0.9.8bcpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*
opensslopenssl0.9.8ccpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*
opensslopenssl0.9.8dcpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*
opensslopenssl0.9.8ecpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
openssl	openssl	0.9.8	cpe:2.3:a:openssl:openssl:0.9.8:::::::*
openssl	openssl	0.9.8a	cpe:2.3:a:openssl:openssl:0.9.8a:::::::*
openssl	openssl	0.9.8b	cpe:2.3:a:openssl:openssl:0.9.8b:::::::*
openssl	openssl	0.9.8c	cpe:2.3:a:openssl:openssl:0.9.8c:::::::*
openssl	openssl	0.9.8d	cpe:2.3:a:openssl:openssl:0.9.8d:::::::*
openssl	openssl	0.9.8e	cpe:2.3:a:openssl:openssl:0.9.8e:::::::*