virus logo FortiClient Vulnerability

OpenSSL CVE-2014-3505 Vulnerability

description-logoDescription

An attacker can force an error condition which causes openssl to crash whilstprocessing DTLS packets due to memory being freed twice. This can be exploitedthrough a Denial of Service attack.OpenSSL 0.9.8 DTLS users should upgrade to 0.9.8zbOpenSSL 1.0.0 DTLS users should upgrade to 1.0.0n.OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1i.Thanks to Adam Langley and Wan-Teh Chang (Google) for discovering andresearching this issue. This issue was reported to OpenSSL on 6th June2014.The fix was developed by Adam Langley.

affected-products-logoAffected Applications

OpenSSL

CVE References

CVE-2014-3505

Other References

https://www.openssl.org/news/vulnerabilities.html
ID 39804
Created Jan 17, 2020
Description
Updated		 Dec 19, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor OpenSSL
Patch manual
Application OpenSSL