Release DateMar 14, 2011 |
Severityhigh |
ImpactSystem compromiseDenial of service |
DescriptionThis indicates s possible attack against a buffer-overflow vulnerability in yaSSL.This issue is caused by an error when the vulnerable software handles a malformed certificate packet. It may allow remote attackers to execute arbitrary code or cause denial of service by sending a crafted certificate packet. |
Affected ProductsyaSSL prior to 1.9.9 |
Recommended ActionsUpdate to version 1.9.9. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-4484 |
