- Home
- CVEs with nessus.description==The version of MySQL Enterprise Server 5.6 installed on the remote
host is 5.6.x prior to 5.6.29 or 5.7.x prior to 5.7.11. It is,
therefore, affected by multiple vulnerabilities in the included
OpenSSL library :
- A NULL pointer dereference flaw exists in file
rsa_ameth.c due to improper handling of ASN.1 signatures
that are missing the PSS parameter. A remote attacker
can exploit this to cause the signature verification
routine to crash, resulting in a denial of service
condition. (CVE-2015-3194)
- A flaw exists in the ASN1_TFLG_COMBINE implementation in
file tasn_dec.c related to handling malformed
X509_ATTRIBUTE structures. A remote attacker can exploit
this to cause a memory leak by triggering a decoding
failure in a PKCS#7 or CMS application, resulting in a
denial of service. (CVE-2015-3195)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top