Source |
Fortinet |
Identifier |
194592 |
Publication date |
2016-10-12 17:02:42 (viewed: 2016-10-12 17:02:42) |
Title |
Analysis of OpenSSL Large Message Size Handling Use After Free (CVE-2016-6309) |
Text |
OpenSSL released an emergency security update shortly after a patch was issued a few weeks ago. This security update addresses a critical Use After Free vulnerability introduced by the code that was revised to resolve the earlier low-severity vulnerability CVE-2016-6307.
This critical Use After Free vulnerability (CVE-2016-6309) is caused by an error that occurs when relocating a message with an overlarge message size greater than 16k. Remote attackers may access the freed buffer to crash, or potentially even execute arbitrary code on vulnerable... |
Sent |
Yes |