Vulnerability Database

296,147

Total vulnerabilities in the database

CVE-2008-0891

Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information.

  • Published: May 29, 2008
  • Updated: Nov 8, 2023
  • CVE: CVE-2008-0891
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:N/A:P

CWEs:

Software From Fixed in
openssl / openssl 0.9.8g 0.9.8g.x
openssl / openssl 0.9.8f 0.9.8f.x