CVE-2011-0014

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2011-0014

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2011-0014.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2011-0014

Downstream

DEBIAN-CVE-2011-0014

DSA-2162-1

RHSA-2011:0677

SUSE-FU-2022:0445-1

SUSE-SU-2015:1184-1

SUSE-SU-403

SUSE-SU-403 Forbidden-1

openSUSE-SU-2024:10271-1

openSUSE-SU-2024:10529-1

openSUSE-SU-2024:11127-1

Related

Withdrawn

2026-01-27T04:10:36.332170Z

Published

2011-02-19T01:00:01Z

Modified

2026-01-27T04:10:36.332170Z

Summary

[none]

Details

ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability."

References

Affected packages