Description
In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Remediation
References
Related Vulnerabilities
WordPress Plugin Coming soon and Maintenance mode Unspecified Vulnerability (3.5.4)
WordPress Plugin My Category Order 'parentID' Parameter SQL Injection (2.8)
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-6434)
Apache HTTP Server CVE-2012-0883 Vulnerability (CVE-2012-0883)
WordPress Plugin AskApache Firefox Adsense Cross-Site Request Forgery (3.0)