Description
crypto/evp/e_aes_cbc_hmac_sha1.c in the AES-NI functionality in the TLS 1.1 and 1.2 implementations in OpenSSL 1.0.1 before 1.0.1d allows remote attackers to cause a denial of service (application crash) via crafted CBC data.
Remediation
References
Related Vulnerabilities
Oracle Application Server CVE-2006-0291 Vulnerability (CVE-2006-0291)
WordPress Plugin Zoho CRM Lead Magnet Unspecified Vulnerability (1.7.2.9)
WordPress Plugin 1 Flash Gallery 'upload.php' Arbitrary File Upload (1.5.7)
PostgreSQL Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2022-2625)