Date published: 2014-11-27T21:59:00.080-05:00
Date last modified: 2014-11-28T10:41:31.890-05:00
CVSS Score: 5.0
Principal attack vector: NETWORK
Reference URL: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3407
Summary: The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(.2) and earlier does not properly allocate memory blocks during HTTP packet handling, which allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCuq68888.