Lucene search

PRIOn knowledge basePRION:CVE-2007-4995

HistoryOct 13, 2007 - 1:17 a.m.

Code injection

2007-10-1301:17:00

PRIOn knowledge base

www.prio-n.com

9.4 High

AI Score

Confidence

High

0.177 Low

EPSS

Percentile

96.2%

JSON

Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors.

CPENameOperatorVersion
openssleq0.9.898
openssleq0.9.899
openssleq0.9.8101
openssleq0.9.8100
openssleq0.9.897
openssleq0.9.8

Name	Operator	Version
openssl	eq	0.9.898
openssl	eq	0.9.899
openssl	eq	0.9.8101
openssl	eq	0.9.8100
openssl	eq	0.9.897
openssl	eq	0.9.8

References

bugs.gentoo.org/show_bug.cgi?id=195634

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01299773

lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html

secunia.com/advisories/25878

secunia.com/advisories/27205

secunia.com/advisories/27217

secunia.com/advisories/27271

secunia.com/advisories/27363

secunia.com/advisories/27434

secunia.com/advisories/27933

secunia.com/advisories/28084

secunia.com/advisories/30161

secunia.com/advisories/30220

secunia.com/advisories/30852

security.gentoo.org/glsa/glsa-200710-30.xml

securitytracker.com/id?1018810

support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=738962

www.debian.org/security/2008/dsa-1571

www.gentoo.org/security/en/glsa/glsa-200805-07.xml

www.mandriva.com/security/advisories?name=MDKSA-2007:237

www.redhat.com/support/errata/RHSA-2007-0964.html

www.securityfocus.com/archive/1/482167/100/0/threaded

www.securityfocus.com/bid/26055

www.vupen.com/english/advisories/2007/3487

www.vupen.com/english/advisories/2007/4219

www.vupen.com/english/advisories/2008/1937/references

exchange.xforce.ibmcloud.com/vulnerabilities/37185

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10288

usn.ubuntu.com/534-1/

www.openssl.org/news/secadv_20071012.txt

www.redhat.com/archives/fedora-package-announce/2007-October/msg00218.html