CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
80.3%
Array index error in the SSL module in PolarSSL before 1.2.5 might allow remote attackers to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC padding in a TLS session, a different vulnerability than CVE-2013-0169.
Vendor | Product | Version | CPE |
---|---|---|---|
polarssl | polarssl | * | cpe:2.3:a:polarssl:polarssl:*:*:*:*:*:*:*:* |
polarssl | polarssl | 0.10.0 | cpe:2.3:a:polarssl:polarssl:0.10.0:*:*:*:*:*:*:* |
polarssl | polarssl | 0.10.1 | cpe:2.3:a:polarssl:polarssl:0.10.1:*:*:*:*:*:*:* |
polarssl | polarssl | 0.11.0 | cpe:2.3:a:polarssl:polarssl:0.11.0:*:*:*:*:*:*:* |
polarssl | polarssl | 0.11.1 | cpe:2.3:a:polarssl:polarssl:0.11.1:*:*:*:*:*:*:* |
polarssl | polarssl | 0.12.0 | cpe:2.3:a:polarssl:polarssl:0.12.0:*:*:*:*:*:*:* |
polarssl | polarssl | 0.12.1 | cpe:2.3:a:polarssl:polarssl:0.12.1:*:*:*:*:*:*:* |
polarssl | polarssl | 0.13.1 | cpe:2.3:a:polarssl:polarssl:0.13.1:*:*:*:*:*:*:* |
polarssl | polarssl | 0.14.0 | cpe:2.3:a:polarssl:polarssl:0.14.0:*:*:*:*:*:*:* |
polarssl | polarssl | 0.14.2 | cpe:2.3:a:polarssl:polarssl:0.14.2:*:*:*:*:*:*:* |