fkie_cve-2010-3864
Vulnerability from fkie_nvd
Published
2010-11-17 16:00
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.
References
secalert@redhat.comhttp://blogs.sun.com/security/entry/cve_2010_3864_race_condition
secalert@redhat.comhttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777
secalert@redhat.comhttp://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html
secalert@redhat.comhttp://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=129916880600544&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=130497251507577&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=132828103218869&w=2
secalert@redhat.comhttp://openssl.org/news/secadv_20101116.txtPatch, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/42241
secalert@redhat.comhttp://secunia.com/advisories/42243Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/42309
secalert@redhat.comhttp://secunia.com/advisories/42336
secalert@redhat.comhttp://secunia.com/advisories/42352
secalert@redhat.comhttp://secunia.com/advisories/42397
secalert@redhat.comhttp://secunia.com/advisories/42413
secalert@redhat.comhttp://secunia.com/advisories/43312
secalert@redhat.comhttp://secunia.com/advisories/44269
secalert@redhat.comhttp://secunia.com/advisories/57353
secalert@redhat.comhttp://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc
secalert@redhat.comhttp://securitytracker.com/id?1024743Patch
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793
secalert@redhat.comhttp://support.apple.com/kb/HT4723
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564
secalert@redhat.comhttp://www.adobe.com/support/security/bulletins/apsb11-11.html
secalert@redhat.comhttp://www.debian.org/security/2010/dsa-2125
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/737740US Government Resource
secalert@redhat.comhttp://www.securityfocus.com/archive/1/516397/100/0/threaded
secalert@redhat.comhttp://www.vmware.com/security/advisories/VMSA-2011-0003.html
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/3041
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/3077
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/3097
secalert@redhat.comhttp://www.vupen.com/english/advisories/2010/3121
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=649304Patch
secalert@redhat.comhttps://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
secalert@redhat.comhttps://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
secalert@redhat.comhttps://rhn.redhat.com/errata/RHSA-2010-0888.html
af854a3a-2127-422b-91ae-364da2661108http://blogs.sun.com/security/entry/cve_2010_3864_race_condition
af854a3a-2127-422b-91ae-364da2661108http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=129916880600544&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=130497251507577&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=132828103218869&w=2
af854a3a-2127-422b-91ae-364da2661108http://openssl.org/news/secadv_20101116.txtPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42241
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42243Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42309
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42336
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42352
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42397
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42413
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/43312
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/44269
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/57353
af854a3a-2127-422b-91ae-364da2661108http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1024743Patch
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT4723
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564
af854a3a-2127-422b-91ae-364da2661108http://www.adobe.com/support/security/bulletins/apsb11-11.html
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2010/dsa-2125
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/737740US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/516397/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2011-0003.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/3041
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/3077
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/3097
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/3121
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=649304Patch
af854a3a-2127-422b-91ae-364da2661108https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html
af854a3a-2127-422b-91ae-364da2661108https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2010-0888.html
Impacted products
Vendor Product Version
openssl openssl 0.9.8f
openssl openssl 0.9.8g
openssl openssl 0.9.8h
openssl openssl 0.9.8i
openssl openssl 0.9.8j
openssl openssl 0.9.8k
openssl openssl 0.9.8l
openssl openssl 0.9.8m
openssl openssl 0.9.8n
openssl openssl 0.9.8o
openssl openssl 1.0.0
openssl openssl 1.0.0a


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB38AEA-BAF0-4920-9A71-747C24444770",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F33EA2B-DE15-4695-A383-7A337AC38908",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*",
              "matchCriteriaId": "261EE631-AB43-44FE-B02A-DFAAB8D35927",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0E0BBF-D0BE-41A7-B9BB-C28F01000BC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1365ED-4651-4AB2-A64B-43782EA2F0E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC82690C-DCED-47BA-AA93-4D0C9E95B806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*",
              "matchCriteriaId": "43B90ED1-DAB4-4239-8AD8-87E8D568D5D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C9BF2DD-85EF-49CF-8D83-0DB46449E333",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*",
              "matchCriteriaId": "86C46AB8-52E5-4385-9C5C-F63FF9DB82AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*",
              "matchCriteriaId": "564AA4E7-223E-48D8-B3E0-A461969CF530",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FBD8C92-6138-4274-ACBA-D7D42DAEC5AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "10FF0A06-DA61-4250-B083-67E55E362677",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de condici\u00f3n de carrera en ssl/t1_lib.c en OpenSSL v0.9.8f a la v0.9.8o, v1.0.0, y v1.0.0a, cuando la multi-hilo la cach\u00e9 interna est\u00e1 activada en el servidor TLS, podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de datos del cliente que provocan un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap), relacionado con (1)el nombre de extensi\u00f3n del servidor TLS y (2) la curva el\u00edptica criptogr\u00e1fica."
    }
  ],
  "id": "CVE-2010-3864",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-11-17T16:00:01.763",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://blogs.sun.com/security/entry/cve_2010_3864_race_condition"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=129916880600544\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=130497251507577\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=132828103218869\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://openssl.org/news/secadv_20101116.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42241"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/42243"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42309"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42336"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42352"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42397"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/42413"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/43312"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/44269"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/57353"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1024743"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.668793"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.apple.com/kb/HT4723"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.adobe.com/support/security/bulletins/apsb11-11.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2010/dsa-2125"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/737740"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/3041"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/3077"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/3097"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2010/3121"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=649304"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://rhn.redhat.com/errata/RHSA-2010-0888.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://blogs.sun.com/security/entry/cve_2010_3864_race_condition"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=129916880600544\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=130497251507577\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=132828103218869\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://openssl.org/news/secadv_20101116.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42241"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/42243"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42309"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42413"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/43312"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/44269"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/57353"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1024743"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.668793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4723"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.adobe.com/support/security/bulletins/apsb11-11.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2010/dsa-2125"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/737740"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/3041"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/3077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/3097"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/3121"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=649304"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2010-0888.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.