- Home
- CVEs with nessus.description==According to its banner, the remote host is running OpenSSL version
1.1.0a. It is, therefore, affected by a remote code execution
vulnerability in the read_state_machine() function in statem.c due to
improper handling of messages larger than 16k. An unauthenticated,
remote attacker can exploit this, via a specially crafted message, to
cause a use-after-free error, resulting in a denial of service
condition or possibly the execution of arbitrary code.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top