LibreSSL 'OBJ_obj2txt()' Function Buffer Overflow and Information Disclosure Vulnerabilities

LibreSSL is prone to the following vulnerabilities:

1. A heap-based buffer-overflow vulnerability

2. An information-disclosure vulnerability

Successful exploits can allow attackers to obtain sensitive information or to execute arbitrary code in the context of the affected application. Failed attempts may lead to a denial-of-service condition.

LibreSSL 2.3.0 and prior versions are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus