9.8 High
AI Score
Confidence
High
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.335 Low
EPSS
Percentile
97.0%
Rob Hulswit discovered a race condition in the OpenSSL TLS server
extension parsing code when used within a threaded server. A remote
attacker could trigger this flaw to cause a denial of service
or possibly execute arbitrary code with application privileges.
(CVE-2010-3864)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 9.10 | noarch | libssl0.9.8 | < 0.9.8g-16ubuntu3.4 | UNKNOWN |
Ubuntu | 9.10 | noarch | libcrypto0.9.8-udeb | < 0.9.8g-16ubuntu3.4 | UNKNOWN |
Ubuntu | 9.10 | noarch | libssl-dev | < 0.9.8g-16ubuntu3.4 | UNKNOWN |
Ubuntu | 9.10 | noarch | libssl0.9.8-dbg | < 0.9.8g-16ubuntu3.4 | UNKNOWN |
Ubuntu | 9.10 | noarch | openssl | < 0.9.8g-16ubuntu3.4 | UNKNOWN |
Ubuntu | 8.04 | noarch | libssl0.9.8 | < 0.9.8g-4ubuntu3.12 | UNKNOWN |
Ubuntu | 8.04 | noarch | libcrypto0.9.8-udeb | < 0.9.8g-4ubuntu3.12 | UNKNOWN |
Ubuntu | 8.04 | noarch | libssl-dev | < 0.9.8g-4ubuntu3.12 | UNKNOWN |
Ubuntu | 8.04 | noarch | libssl0.9.8-dbg | < 0.9.8g-4ubuntu3.12 | UNKNOWN |
Ubuntu | 8.04 | noarch | openssl | < 0.9.8g-4ubuntu3.12 | UNKNOWN |