OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2016-06-20T00:00:00
Updated: 2022-12-13T00:00:00
Reserved: 2016-01-29T00:00:00
Link: CVE-2016-2177
JSON object: View
NVD Information
Status : Modified
Published: 2016-06-20T01:59:02.087
Modified: 2023-11-07T02:31:01.273
Link: CVE-2016-2177
JSON object: View
Redhat Information
No data.
CWE