CVE-2008-0226

Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute…

mitre·CWE-119·Published 2008-01-10

CVSS

—

EPSS

0.92

KEV

Exploits

cve.orgen

260 chars

Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.

NVDen

260 chars

NVDes

295 chars

Múltiples desbordamientos de búfer en yaSSL 1.7.5 y anteriores, como el utilizado en MySQL y posiblemente otros productos, permite a atacantes remotos ejecutar código de su elección mediante (1) la función ProcessOldClientHello en handshake.cpp o (2) "input_buffer& operator>>" en yassl_imp.cpp.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P