NVD

Id
31690  
Name
CVE-2014-3505  
Description
Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (application crash) via crafted DTLS packets that trigger an error condition.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2014-08-13  
Modified Date
2017-01-06  
Seq
2014-3505  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
166121 31690 CVE-2014-3505 NetBSD-SA2014-008  View
166122 31690 CVE-2014-3505 http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc  View
166123 31690 CVE-2014-3505 http://linux.oracle.com/errata/ELSA-2014-1052.html  View
166124 31690 CVE-2014-3505 http://linux.oracle.com/errata/ELSA-2014-1053.html  View
166125 31690 CVE-2014-3505 FEDORA-2014-9301  View
166126 31690 CVE-2014-3505 FEDORA-2014-9308  View
166127 31690 CVE-2014-3505 openSUSE-SU-2016:0640  View
166128 31690 CVE-2014-3505 openSUSE-SU-2014:1052  View
166129 31690 CVE-2014-3505 HPSBUX03095  View
166130 31690 CVE-2014-3505 HPSBOV03099  View
166131 31690 CVE-2014-3505 SSRT101846  View
166132 31690 CVE-2014-3505 RHSA-2014:1256  View
166133 31690 CVE-2014-3505 RHSA-2014:1297  View
166134 31690 CVE-2014-3505 58962  View
166135 31690 CVE-2014-3505 59700  View
166136 31690 CVE-2014-3505 59710  View
166137 31690 CVE-2014-3505 59743  View
166138 31690 CVE-2014-3505 60022  View
166139 31690 CVE-2014-3505 60221  View
166140 31690 CVE-2014-3505 60493  View
166141 31690 CVE-2014-3505 60684  View
166142 31690 CVE-2014-3505 60778  View
166143 31690 CVE-2014-3505 60803  View
166144 31690 CVE-2014-3505 61040  View
166145 31690 CVE-2014-3505 61100  View
166146 31690 CVE-2014-3505 61184  View
166147 31690 CVE-2014-3505 61250  View
166148 31690 CVE-2014-3505 GLSA-201412-39  View
166149 31690 CVE-2014-3505 http://support.f5.com/kb/en-us/solutions/public/15000/500/sol15573.html  View
166150 31690 CVE-2014-3505 http://www-01.ibm.com/support/docview.wss?uid=nas8N1020240  View
166151 31690 CVE-2014-3505 http://www-01.ibm.com/support/docview.wss?uid=swg21682293  View
166152 31690 CVE-2014-3505 http://www-01.ibm.com/support/docview.wss?uid=swg21683389  View
166153 31690 CVE-2014-3505 http://www-01.ibm.com/support/docview.wss?uid=swg21686997  View
166154 31690 CVE-2014-3505 DSA-2998  View
166155 31690 CVE-2014-3505 http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-372998.htm  View
166156 31690 CVE-2014-3505 MDVSA-2014:158  View
166157 31690 CVE-2014-3505 69081  View
166158 31690 CVE-2014-3505 1030693  View
166159 31690 CVE-2014-3505 https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=bff1ce4e6a1c57c3d0a5f9e4f85ba6385fccfe8b  View
166160 31690 CVE-2014-3505 [syslog-ng-announce] 20140910 syslog-ng Premium Edition 5 LTS (5.0.6a) has been released  View
166161 31690 CVE-2014-3505 https://www.openssl.org/news/secadv_20140806.txt  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
14934 JVNDB-2014-003809 OpenSSL の DTLS の実装の d1_both.c におけるメモリ二重解放の脆弱性 OpenSSL の DTLS の実装の d1_both.c には、メモリを二重に解放する不備があるため、サービス運用妨害 (アプリケーションクラッシュ) 状態にされる脆弱性が存在します。 CVE-2014-3505 70793 CVE-2014-3505 31690 5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003809.html 2014-08-06 2015-06-09 View