Security Bulletin: Vulnerability in SSLv3 affects IBM Content Navigator (CVE-2014-3566)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in the Knowledge Center for IBM Content Navigator V2.0.3. Vulnerability Details CVE-ID: CVE-2014-3566 DESCRIPTION: Product could allow a remote...

CVE-2013-5914

Buffer overflow in the sslreadrecord function in ssltls.c in PolarSSL before 1.1.8, when using TLS 1.1, might allow remote attackers to execute arbitrary code via a long packet...