CVE-2008-0227

2008-01-10T18:46:00
ID CVE-2008-0227
Type cve
Reporter NVD
Modified 2017-08-07T21:29:24

Description

yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allows remote attackers to cause a denial of service (crash) via a Hello packet containing a large size value, which triggers a buffer over-read in the HASHwithTransform::Update function in hash.cpp.