Description
Integer overflow in the EVP_EncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of binary data.
Remediation
References
Related Vulnerabilities
WordPress Plugin Wordpress Membership SwiftCloud.io SQL Injection (1.0)
WordPress Plugin Elementor Website Builder Cross-Site Scripting (2.9.8)
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.37)
Joomla! Core 3.9.x Cross-Site Scripting (3.9.0 - 3.9.23)
WordPress Plugin Really Easy Slider TimThumb Arbitrary File Upload (0.1)