CVE-2015-3196 vulnerability in HP and Other Products
Published on December 6, 2015

ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2015-3196

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2015-3196 are published in these products:

HP Icewall Sso

HP Icewall Sso Agent Option

OpenSSL

Oracle VM VirtualBox

Red Hat Enterprise Linux Desktop

Red Hat Enterprise Linux Server Aus

Red Hat Enterprise Linux Workstation

Red Hat Enterprise Linux Server Tus

Fedora Project Fedora

Red Hat Enterprise Linux Server

Red Hat Enterprise Linux Server Eus

Canonical Ubuntu Linux

Debian Linux

Exploit Probability

EPSS

10.26%

Percentile

93.02%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2015-3196 vulnerability in HP and Other ProductsPublished on December 6, 2015

Products Associated with CVE-2015-3196

Exploit Probability

CVE-2015-3196 vulnerability in HP and Other Products
Published on December 6, 2015