Description
The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.
Remediation
References
Related Vulnerabilities
MediaWiki Improper Authentication Vulnerability (CVE-2014-2665)
OpenSSL Cryptographic Issues Vulnerability (CVE-2006-4339)
PHP Other Vulnerability (CVE-2002-2215)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-0837)
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-28566)