CVE-2002-0656

Description

Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.

Affected products

Apple / mac_os_x10.1.5 – 10.1.5
Apple / mac_os_x10.1.4 – 10.1.4
Apple / mac_os_x10.1.3 – 10.1.3
Apple / mac_os_x10.1.2 – 10.1.2
Apple / mac_os_x10.1.1 – 10.1.1
Apple / mac_os_x10.1 – 10.1
Apple / mac_os_x10.0.4 – 10.0.4
Apple / mac_os_x10.0.3 – 10.0.3
Apple / mac_os_x10.0.2 – 10.0.2
Apple / mac_os_x10.0.1 – 10.0.1
Apple / mac_os_x10.0 – 10.0
OpenSSL / OpenSSL0.9.7 – 0.9.7
OpenSSL / OpenSSL0.9.7 – 0.9.7
OpenSSL / OpenSSL0.9.1c – 0.9.1c
OpenSSL / OpenSSL0.9.2b – 0.9.2b
OpenSSL / OpenSSL0.9.3 – 0.9.3
OpenSSL / OpenSSL0.9.4 – 0.9.4
OpenSSL / OpenSSL0.9.5 – 0.9.5
OpenSSL / OpenSSL0.9.5a – 0.9.5a
OpenSSL / OpenSSL0.9.6 – 0.9.6
OpenSSL / OpenSSL0.9.6a – 0.9.6a
OpenSSL / OpenSSL0.9.6b – 0.9.6b
OpenSSL / OpenSSL0.9.6c – 0.9.6c
OpenSSL / OpenSSL0.9.6d – 0.9.6d
oracle / application_server
oracle / application_server1.0.2 – 1.0.2
oracle / application_server1.0.2.2 – 1.0.2.2
oracle / application_server1.0.2.1s – 1.0.2.1s
oracle / corporate_time_outlook_connector3.1 – 3.1
oracle / corporate_time_outlook_connector3.3 – 3.3
oracle / corporate_time_outlook_connector3.1.2 – 3.1.2
oracle / corporate_time_outlook_connector3.1.1 – 3.1.1
oracle / http_server9.2.0 – 9.2.0
oracle / http_server9.0.1 – 9.0.1

Description

Affected products

References