OpenSSL CVE-2014-3508 Information Disclosure Vulnerability

Description

A flaw in OBJ_obj2txt may cause pretty printing functions such as X509_name_oneline, X509_name_print_ex et al. to leak some information from the stack. Applications may be affected if they echo pretty printing output to the attacker. OpenSSL SSL/TLS clients and servers themselves are not affected.

OpenSSL 0.9.8 users should upgrade to 0.9.8zb.
OpenSSL 1.0.0 users should upgrade to 1.0.0n.
OpenSSL 1.0.1 users should upgrade to 1.0.1i.

Thanks to Ivan Fratric (Google) for discovering this issue. This issue was reported to OpenSSL on 19th June 2014.

The fix was developed by Emilia Käsper and Stephen Henson of the OpenSSL development team.
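An added example (not from the advisory or the OpenSSL project): a check of an `openssl version` string against the fixed releases listed above, including the letter ordering where `za` and `zb` follow `z`. The function names and sample strings are constructed, and it assumes the version string reflects the code actually built, which vendor packages with backported fixes may not.

```python
import re

# Fixed releases per branch, as listed in the advisory text above.
FIXED = {"0.9.8": "zb", "1.0.0": "n", "1.0.1": "i"}

# Matches e.g. "1.0.1h" inside "OpenSSL 1.0.1h 5 Jun 2014".
_VERSION_RE = re.compile(r"(\d+\.\d+\.\d+)([a-z]*)")


def letter_rank(suffix):
    """Sort key for OpenSSL patch letters: '' < a < ... < z < za < zb."""
    return (len(suffix), suffix)


def assess(version_text):
    """Return (status, upgrade_target) for an OpenSSL version string.

    status is "upgrade" (older than the fix for its branch), "fixed"
    (at or past the fix), or "not-listed" (branch not named in the advisory).
    """
    match = _VERSION_RE.search(version_text)
    if match is None:
        raise ValueError("no OpenSSL version found in %r" % version_text)
    branch, suffix = match.groups()
    fixed = FIXED.get(branch)
    if fixed is None:
        return ("not-listed", None)
    if letter_rank(suffix) < letter_rank(fixed):
        return ("upgrade", branch + fixed)
    return ("fixed", None)


if __name__ == "__main__":
    # Constructed sample inputs in the style of `openssl version` output.
    samples = [
        "OpenSSL 0.9.8za 5 Jun 2014",
        "OpenSSL 1.0.0n 6 Aug 2014",
        "OpenSSL 1.0.1e-fips 11 Feb 2013",
        "OpenSSL 1.0.2 22 Jan 2015",
    ]
    for line in samples:
        print(line, "->", assess(line))
```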

Affected Applications

OpenSSL

CVE References

CVE-2014-3508