Denial of service vulnerability in OpenSSL - CVE-2023-2650ID: oval:org.secpod.oval:def:90184 | Date: (C)2023-06-01 (M)2024-04-29 |
Class: VULNERABILITY | Family: windows |
The host is installed with MySQL Server through 5.7.42 or 8.0.33 or OpenSSL 1.0.2 before 1.0.2zh, 1.1.1 before 1.1.1u, 3.0.0 before 3.0.9 or 3.1.0 before 3.1.1 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to process some specially crafted ASN like object identifiers or data containing them. Successful exploitation allows attackers to cause denial of service when processing applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit.
Platform: |
Microsoft Windows 11 |
Microsoft Windows Server 2022 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows 10 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Product: |
OpenSSL |
MySQL Server 5.7 |
MySQL Server 8.0 |