296,172
Total vulnerabilities in the database
Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738. As of 20071012, it is unknown whether code execution is possible.
| Software | From | Fixed in |
|---|---|---|
| openssl / openssl | 0.9.7-beta5 | 0.9.7-beta5.x |
| openssl / openssl | 0.9.7-beta3 | 0.9.7-beta3.x |
| openssl / openssl | 0.9.7-beta6 | 0.9.7-beta6.x |
| openssl / openssl | 0.9.8b | 0.9.8b.x |
| openssl / openssl | 0.9.7l | 0.9.7l.x |
| openssl / openssl | 0.9.8c | 0.9.8c.x |
| openssl / openssl | 0.9.7-beta2 | 0.9.7-beta2.x |
| openssl / openssl | 0.9.7c | 0.9.7c.x |
| openssl / openssl | 0.9.7j | 0.9.7j.x |
| openssl / openssl | 0.9.8e | 0.9.8e.x |
| openssl / openssl | 0.9.8d | 0.9.8d.x |
| openssl / openssl | 0.9.7k | 0.9.7k.x |
| openssl / openssl | 0.9.7g | 0.9.7g.x |
| openssl / openssl | 0.9.7d | 0.9.7d.x |
| openssl / openssl | 0.9.7 | 0.9.7.x |
| openssl / openssl | 0.9.7e | 0.9.7e.x |
| openssl / openssl | 0.9.7b | 0.9.7b.x |
| openssl / openssl | 0.9.8a | 0.9.8a.x |
| openssl / openssl | 0.9.7-beta4 | 0.9.7-beta4.x |
| openssl / openssl | 0.9.7-beta1 | 0.9.7-beta1.x |
| openssl / openssl | 0.9.7i | 0.9.7i.x |
| openssl / openssl | 0.9.7h | 0.9.7h.x |
| openssl / openssl | 0.9.8 | 0.9.8.x |
| openssl / openssl | 0.9.7a | 0.9.7a.x |
| openssl / openssl | 0.9.8f | 0.9.8f.x |
| openssl / openssl | 0.9.7f | 0.9.7f.x |