CVE-2014-0625CVE-2014-0625

Affected configuration(s):

cpe:/a:emc:rsa_bsafe_ssl-j:5.0
cpe:/a:emc:rsa_bsafe_ssl-j:5.1.0
cpe:/a:emc:rsa_bsafe_ssl-j:5.1.1
cpe:/a:emc:rsa_bsafe_ssl-j:5.1.2
cpe:/a:emc:rsa_bsafe_ssl-j:6.0
cpe:/a:emc:rsa_bsafe_ssl-j:6.0.1

Date published: 2014-02-17T19:55:05.143-05:00

Date last modified: 2014-02-18T14:43:45.623-05:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://archives.neohapsis.com/archives/bugtraq/2014-02/0061.html

Summary: The SSLSocket implementation in the (1) JSAFE and (2) JSSE APIs in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to cause a denial of service (memory consumption) by triggering application-data processing during the TLS handshake, a time at which the data is internally buffered.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.