Description
Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure.
Remediation
References
Related Vulnerabilities
Zope Web Application Server Other Vulnerability (CVE-2001-1278)
Oracle Database Server CVE-2007-5520 Vulnerability (CVE-2007-5520)
WordPress 4.3.x PHP Object Injection (4.3 - 4.3.25)
Joomla! Core 3.x.x Multiple Vulnerabilities (3.4.4 - 3.6.3)
WordPress Plugin Catch Themes Demo Import Arbitrary File Upload (1.7)