Description
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
Remediation
References
Related Vulnerabilities
Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-41892)
Craft CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-14280)
WordPress Plugin Newsletters Unspecified Vulnerability (4.5.5.2)
WordPress Plugin yURL ReTwitt Cross-Site Request Forgery (1.4)