OpenSSL CVE-2014-3512 Buffer Overflow Vulnerability

Description

A malicious client or server can send invalid SRP parameters and overrun an internal buffer. Only applications which are explicitly set up for SRP use are affected.

OpenSSL 1.0.1 SSL/TLS users should upgrade to 1.0.1i.

Thanks to Sean Devlin and Watson Ladd (Cryptography Services, NCC Group) for discovering this issue. This issue was reported to OpenSSL on 31st July 2014.

The fix was developed by Stephen Henson of the OpenSSL core team.

References

URL for this Security Advisory: https://www.openssl.org/news/secadv_20140806.txt

Note: the online version of the advisory may be updated with additional details over time.

Affected Applications

OpenSSL

CVE References

CVE-2014-3512