Lucene search
OpenSSLOPENSSL:CVE-2010-5298HistoryApr 08, 2014 - 12:00 a.m.
Vulnerability in OpenSSL CVE-2010-5298
2014-04-0800:00:00
www.openssl.org
24
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:P/A:P
7.4 High
AI Score
Confidence
High
0.029 Low
EPSS
Percentile
90.8%
A race condition in the ssl3_read_bytes function can allow remote attackers to inject data across sessions or cause a denial of service. This flaw only affects multithreaded applications using OpenSSL 1.0.0 and 1.0.1, where SSL_MODE_RELEASE_BUFFERS is enabled, which is not the default and not common.
- Fixed in OpenSSL 1.0.1h (Affected since 1.0.1)
- Fixed in OpenSSL 1.0.0m (Affected since 1.0.0)
Related
nessus
nessus
Mandriva Linux Security Advisory : openssl (MDVSA-2014:090)
2014-05-19 00:00:00
FreeBSD : OpenSSL -- Remote Data Injection / DoS (0b8d7194-ca88-11e3-9d8d-c80aa9043978)
2014-04-23 00:00:00
F5 Networks BIG-IP : OpenSSL vulnerability (K15328)
2014-10-10 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:09.openssl
2014-04-30 00:00:00
cve
cve
CVE-2010-5298
2014-04-14 22:38:08
debiancve
debiancve
CVE-2010-5298
2014-04-14 22:38:08
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:52:47
mariadbunix
mariadbunix
CVE-2010-5298
2014-04-14 22:38:00
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-14:09.openssl [REVISED]
2014-05-01 00:00:00
[USN-2192-1] OpenSSL vulnerabilities
2014-05-05 00:00:00
OpenSSL race conditions
2014-05-05 00:00:00
openvas
openvas
Juniper Networks Junos OS SSL Session Injection Vulnerability
2015-01-23 00:00:00
Mageia: Security Advisory (MGASA-2014-0187)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-2908-1)
2014-04-16 00:00:00
freebsd
freebsd
OpenSSL -- Remote Data Injection / DoS
2010-02-09 00:00:00
f5
f5
SOL15328 - OpenSSL vulnerability CVE-2010-5298
2014-06-13 00:00:00
K15328 : OpenSSL vulnerability CVE-2010-5298
2014-06-20 00:00:00
mageia
mageia
Updated openssl packages fix CVE-2010-5298
2014-04-23 20:04:21
ubuntucve
ubuntucve
CVE-2010-5298
2014-04-14 00:00:00
cvelist
cvelist
CVE-2010-5298
2014-04-14 16:00:00
nvd
nvd
CVE-2010-5298
2014-04-14 22:38:08
prion
prion
Race condition
2014-04-14 22:38:00
aix
aix
AIX OpenSSL Vulnerability
2014-06-06 05:44:06
altlinux
altlinux
Security fix for the ALT Linux 7 package openssl10 version 1.0.1h-alt1
2014-06-05 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.1h-alt1
2014-06-05 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 1.0.1h-alt1
2014-06-05 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2014-05-05 00:00:00
debian
debian
[SECURITY] [DSA 2908-1] openssl security update
2014-04-17 21:28:20
osv
osv
openssl - security update
2014-04-17 00:00:00
ibm
ibm
Security Bulletin: IBM QRadar SIEM 7.1 MR2, and 7.2 MR2 are affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0198, CVE-2010-5298
2018-06-16 21:18:17
vmware
vmware
VMware product updates address OpenSSL security vulnerabilities
2014-06-10 00:00:00
VMware product updates address OpenSSL security vulnerabilities
2014-06-10 00:00:00
kaspersky
kaspersky
KLA10382 Multiple vulnerabilities in VMware
2014-06-10 00:00:00
ics
ics
Siemens OpenSSL Vulnerabilities (Update G)
2018-08-29 12:00:00
oraclelinux
oraclelinux
openssl security update
2014-07-23 00:00:00
openssl security update
2014-06-05 00:00:00
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2014-07-27 00:00:00
centos
centos
openssl security update
2014-06-05 13:06:47
redhat
redhat
(RHSA-2014:0628) Important: openssl security update
2014-06-05 00:00:00
(RHSA-2014:0679) Important: openssl security update
2014-06-10 00:00:00
(RHSA-2014:0625) Important: openssl security update
2014-06-05 00:00:00
thn
thn
OpenSSL Vulnerable to Man-in-the-Middle Attack and Several Other Bugs
2014-06-05 05:49:00
slackware
slackware
[slackware-security] openssl
2014-06-06 05:27:11
amazon
amazon
Important: openssl
2014-06-04 15:45:00
intel
intel
cisco
cisco
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products
2014-06-05 22:40:00
huawei
huawei
Security Advisory-Multiple OpenSSL vulnerabilities on Huawei products
2014-06-13 00:00:00
fortinet
fortinet
Multiple Vulnerabilities in OpenSSL
2014-06-06 00:00:00
avleonov
avleonov
Parsing Nessus v2 XML reports with python
2020-03-09 01:12:00
fedora
fedora
[SECURITY] Fedora 20 Update: openssl-1.0.1e-38.fc20
2014-06-05 21:55:11
[SECURITY] Fedora 19 Update: openssl-1.0.1e-38.fc19
2014-06-05 21:54:15
[SECURITY] Fedora 21 Update: mingw-openssl-1.0.1j-1.fc21
2015-01-02 05:06:53
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:N/I:P/A:P
7.4 High
AI Score
Confidence
High
0.029 Low
EPSS
Percentile
90.8%
Related for OPENSSL:CVE-2010-5298