CVE-2008-0227

2008-01-10T18:46:00
ID CVE-2008-0227
Type cve
Reporter NVD
Modified 2018-10-15T17:58:42

Description

yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp.